이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 6. Fixed security issues


This section lists security issues fixed in Red Hat Developer Hub 1.3.

6.1. Red Hat Developer Hub 1.3.0

6.1.1. Red Hat Developer Hub dependency updates

CVE-2024-21536
A flaw was found in the http-proxy-middleware package. Affected versions of this package are vulnerable to denial of service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. This flaw allows an attacker to kill the Node.js process and crash the server by requesting certain paths.
CVE-2024-37890
A flaw was found in the Node.js WebSocket library (ws). A request with several headers exceeding the 'server.maxHeadersCount' threshold could be used to crash a ws server, leading to a denial of service.
CVE-2024-45590
A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.

6.1.2. RHEL 9 platform RPM updates

CVE-2021-47385
In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field
CVE-2023-28746
A vulnerability was found in some Intel Atom Processor’s microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system.
CVE-2023-52658
In the Linux kernel, the following vulnerability has been resolved: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency"
CVE-2024-6232
A regular expression denial of service (ReDos) vulnerability was found in Python’s tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive.
CVE-2024-9355
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.  It is also possible to force a derived key to be all zeros instead of an unpredictable value.  This may have follow-on implications for the Go TLS stack.
CVE-2024-27403
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_flow_offload: reset dst in route object after setting up flow
CVE-2024-34156
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
CVE-2024-35989
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
CVE-2024-36889
In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_nxt is properly initialized on connect
CVE-2024-36978
In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune()
CVE-2024-38556
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Add a timeout to acquire the command queue semaphore
CVE-2024-39483
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked
CVE-2024-39502
In the Linux kernel, the following vulnerability has been resolved: ionic: fix use after netif_napi_del()
CVE-2024-40959
In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()
CVE-2024-42079
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix NULL pointer dereference in gfs2_log_flush
CVE-2024-42272
In the Linux kernel, the following vulnerability has been resolved: sched: act_ct: take care of padding in struct zones_ht_key
CVE-2024-42284
In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error

6.2. Red Hat Developer Hub 1.3.0

6.2.1. Red Hat Developer Hub dependency updates

CVE-2024-24790
A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn’t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.
CVE-2024-24791
A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.
CVE-2024-35255
A flaw was found in the Azure identity library at github.com/Azure/azure-sdk-for-go/sdk/azidentity. This issue allows an elevation of privileges.
CVE-2024-37891
A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects.
CVE-2024-39008
A flaw was found in the fast-loops Node.js package. This flaw allows an attacker to alter the behavior of all objects inheriting from the affected prototype by passing arguments to the objectMergeDeep function crafted with the built-in property: proto. This issue can potentially lead to a denial of service, remote code execution, or Cross-site scripting.
CVE-2024-39249
A flaw was found in the async Node.js package. A Regular expression Denial of Service (ReDoS) attack can potentially be triggered via the autoinject function while parsing specially crafted input.

6.2.2. RHEL 9 platform RPM updates

CVE-2023-52439
A flaw was found in the Linux kernel’s uio subsystem. A use-after-free memory flaw in the uio_open functionality allows a local user to crash or escalate their privileges on the system.
CVE-2023-52884
In the Linux kernel, the following vulnerability has been resolved: Input: cyapa - add missing input core locking to suspend/resume functions
CVE-2024-6119
A flaw was found in OpenSSL. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process.
CVE-2024-26739
A use-after-free flaw was found in net/sched/act_mirred.c in the Linux kernel. This may result in a crash.
CVE-2024-26929
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of fcport
CVE-2024-26930
A vulnerability was found in the Linux kernel. A potential double-free in the pointer ha→vp_map exists in the Linux kernel in drivers/scsi/qla2xxx/qla_os.c.
CVE-2024-26931
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix command flush on cable pull
CVE-2024-26947
A flaw was found in the Linux kernel’s ARM memory management functionality, where certain memory layouts cause a kernel panic. This flaw allows an attacker who can specify or alter memory layouts to cause a denial of service.
CVE-2024-26991
A flaw was found in the Linux Kernel. A lpage_info overflow can occur when checking attributes. This may lead to a crash.
CVE-2024-27022
In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized
CVE-2024-35895
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem
CVE-2024-36016
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive()
CVE-2024-36899
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
CVE-2024-38562
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: Avoid address calculations via out of bounds array indexing
CVE-2024-38570
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount
CVE-2024-38573
A NULL pointer dereference flaw was found in cppc_cpufreq_get_rate() in the Linux kernel. This issue may result in a crash.
CVE-2024-38601
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks
CVE-2024-38615
In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit() callback is optional
CVE-2024-39331
A flaw was found in Emacs. Arbitrary shell commands can be executed without prompting when an Org mode file is opened or when the Org mode is enabled, when Emacs is used as an email client, this issue can be triggered when previewing email attachments.
CVE-2024-40984
In the Linux kernel, the following vulnerability has been resolved: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine."
CVE-2024-41071
An out-of-bounds buffer overflow has been found in the Linux kernel’s mac80211 subsystem when scanning for SSIDs. Address calculation using out-of-bounds array indexing could result in an attacker crafting an exploit, resulting in the complete compromise of a system.
CVE-2024-42225
A potential flaw was found in the Linux kernel’s MediaTek WiFi, where it was reusing uninitialized data. This flaw allows a local user to gain unauthorized access to some data potentially.
CVE-2024-42246
In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket
CVE-2024-45490
A flaw was found in libexpat’s xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XML_ParseBuffer function.
CVE-2024-45491
An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX.
CVE-2024-45492
A flaw was found in libexpat’s internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX equals SIZE_MAX.
Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.