ALT-BU-2024-15295-2
Branch c10f2 update bulletin.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2018-16301
The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.
Modified: 2024-11-21
CVE-2020-8037
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
- 20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina
- 20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina
- https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231
- https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231
- [debian-lts-announce] 20201110 [SECURITY] [DLA 2444-1] tcpdump security update
- [debian-lts-announce] 20201110 [SECURITY] [DLA 2444-1] tcpdump security update
- FEDORA-2020-c5e78886d6
- FEDORA-2020-c5e78886d6
- FEDORA-2020-fae2e1f2bc
- FEDORA-2020-fae2e1f2bc
- https://support.apple.com/kb/HT212325
- https://support.apple.com/kb/HT212325
- https://support.apple.com/kb/HT212326
- https://support.apple.com/kb/HT212326
- https://support.apple.com/kb/HT212327
- https://support.apple.com/kb/HT212327
Closed vulnerabilities
Modified: 2024-12-13
CVE-2024-9681
When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure `HTTP://` scheme and perform transfers with hosts like `x.example.com` as well as `example.com` where the first host is a subdomain of the second host. (The HSTS cache either needs to have been populated manually or there needs to have been previous HTTPS accesses done as the cache needs to have entries for the domains involved to trigger this problem.) When `x.example.com` responds with `Strict-Transport-Security:` headers, this bug can make the subdomain's expiry timeout *bleed over* and get set for the parent domain `example.com` in curl's HSTS cache. The result of a triggered bug is that HTTP accesses to `example.com` get converted to HTTPS for a different period of time than what was asked for by the origin server. If `example.com` for example stops supporting HTTPS at its expiry time, curl might then fail to access `http://example.com` until the (wrongly set) timeout expires. This bug can also expire the parent's entry *earlier*, thus making curl inadvertently switch back to insecure HTTP earlier than otherwise intended.
Closed vulnerabilities
BDU:2024-02816
Уязвимость базовой системы аутентификации веб-инструмента представления данных Grafana, позволяющая нарушителю обойти проверку электронной почты и помешать законным владельцам электронной почты зарегистрироваться
BDU:2024-07696
Уязвимость реализации прикладного программного интерфейса Endpoint платформы для мониторинга и наблюдения Grafana, позволяющая нарушителю повысить свои привилегии
Modified: 2025-02-15
CVE-2023-6152
A user changing their email after signing up and verifying it can change it without verification in profile settings. The configuration option "verify_email_enabled" will only validate email only on sign up.
- https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f
- https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f
- https://grafana.com/security/security-advisories/cve-2023-6152/
- https://grafana.com/security/security-advisories/cve-2023-6152/
- https://security.netapp.com/advisory/ntap-20250214-0008/
Modified: 2024-09-30
CVE-2024-8118
In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.