[oss-security] CVE-2024-52533: Buffer overflow in socks proxy code in glib < 2.82.1

2024-11-12 Thread Alan Coopersmith
Another CVE was issued by Mitre yesterday for another bug listed on https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home https://gitlab.gnome.org/GNOME/glib/-/issues/3461 reports that: "set_connect_msg() receives a buffer of size SOCKS4_CONN_MSG_LEN but it writes up to SOCKS4_CONN_MSG_LE

Re: [oss-security] Xen Security Advisory 464 v2 (CVE-2024-45819) - libxl leaks data to PVH guests via ACPI tables

2024-11-12 Thread Demi Marie Obenour
On Tue, Nov 12, 2024 at 12:05:47PM +, Xen Security wrote: > Only PVH guests can leverage the vulnerability. HVM and PV guests > cannot leverage the vulnerability. Note that PV guests when run inside > the (PVH) shim can't leverage the vulnerability. Is this unconditional (perhaps because the

Re: [oss-security] shell wildcard expansion (un)safety

2024-11-12 Thread Ali Polatel
On Wednesday, November 6th, 2024 at 15:44, David A. Wheeler wrote: > Long ago I wrote a really long essay about POSIX filename issues. > Some people here may find it interesting: > https://dwheeler.com/essays/fixing-unix-linux-filenames.html Thank you. Around six months ago I added a restrictio

Re: [oss-security] 4 recent security bugs in GNOME's libsoup

2024-11-12 Thread Alan Coopersmith
On 11/9/24 10:45, Alan Coopersmith wrote: https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home lists four security vulnerabilities reported against libsoup since June 2024, none of which have CVE id's listed as being assigned.  (For those not familiar with it, libsoup is an HTTP client/ser

Re: [oss-security] Xen Security Advisory 464 v2 (CVE-2024-45819) - libxl leaks data to PVH guests via ACPI tables

2024-11-12 Thread Andrew Cooper
On 12/11/2024 5:17 pm, Demi Marie Obenour wrote: > On Tue, Nov 12, 2024 at 12:05:47PM +, Xen Security wrote: >> Only PVH guests can leverage the vulnerability. HVM and PV guests >> cannot leverage the vulnerability. Note that PV guests when run inside >> the (PVH) shim can't leverage the vuln

RE: [oss-security] CVE-2024-36905: Linux kernel: Divide-by-zero on shutdown of TCP_SYN_RECV sockets

2024-11-12 Thread Joel GUITTET
Hello, First, thanks to Alexander for reposting because I was not able to do so! You're right Clemens, I have myself asked the question on this github (https://github.com/cisagov/vulnrichment/issues/130), but still no information for the moment. Joel De : C

Re: [oss-security] CVE-2024-36905: Linux kernel: Divide-by-zero on shutdown of TCP_SYN_RECV sockets

2024-11-12 Thread Clemens Lang
Hi, > On 12. Nov 2024, at 15:58, Solar Designer wrote: > > So a question for this list/thread may be - where/how may we dispute > CISA-ADP analysis? Maybe someone would reply with specific contact info > for them, and Joel would proceed with that. I think the source for the CISA-ADP data is at

Re: [oss-security] CVE-2024-36905: Linux kernel: Divide-by-zero on shutdown of TCP_SYN_RECV sockets

2024-11-12 Thread Solar Designer
On Tue, Oct 29, 2024 at 09:09:01PM -0500, Jacob Bachmeyer wrote: > On 10/29/24 08:03, Joel GUITTET wrote: > >We would like to ask your advice about the CVE-2024-36905 (tcp shutdown > >vulnerability). > >NIST indicates a network vector while AWS and Red Hat indicates local > >attack vector. > >Our c

[oss-security] CVE-2024-50386: Apache CloudStack: Directly downloaded templates can be used to abuse KVM-based infrastructure

2024-11-12 Thread Daniel Augusto Veronezi Salvador
Severity: important Affected versions: - Apache CloudStack 4.0.0 through 4.18.2.4 - Apache CloudStack 4.19.0.0 through 4.19.1.2 Description: Account users in Apache CloudStack by default are allowed to register templates to be downloaded directly to the primary storage for deploying instances.

[oss-security] Xen Security Advisory 464 v2 (CVE-2024-45819) - libxl leaks data to PVH guests via ACPI tables

2024-11-12 Thread Xen . org security team
Xen Security Advisory CVE-2024-45819 / XSA-464 version 2 libxl leaks data to PVH guests via ACPI tables UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION ===