ALT Vulnerability

This commit is contained in:
Иван Пепеляев 2024-12-21 09:05:32 +00:00
parent f40c519964
commit 8776aa6d44
15 changed files with 113 additions and 39 deletions

View File

@ -8609,8 +8609,10 @@
}, },
{ {
"ID": "CVE-2024-2887", "ID": "CVE-2024-2887",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-2887", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-2887",
"Impact": "None", "Impact": "High",
"Public": "20240326" "Public": "20240326"
}, },
{ {
@ -8871,20 +8873,26 @@
}, },
{ {
"ID": "CVE-2024-4331", "ID": "CVE-2024-4331",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4368", "ID": "CVE-2024-4368",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4558", "ID": "CVE-2024-4558",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558",
"Impact": "None", "Impact": "Critical",
"Public": "20240507" "Public": "20240507"
}, },
{ {
@ -8969,8 +8977,10 @@
}, },
{ {
"ID": "CVE-2024-5160", "ID": "CVE-2024-5160",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5160", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5160",
"Impact": "None", "Impact": "High",
"Public": "20240522" "Public": "20240522"
}, },
{ {

View File

@ -521,20 +521,26 @@
}, },
{ {
"ID": "CVE-2024-4331", "ID": "CVE-2024-4331",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4368", "ID": "CVE-2024-4368",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4558", "ID": "CVE-2024-4558",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558",
"Impact": "None", "Impact": "Critical",
"Public": "20240507" "Public": "20240507"
}, },
{ {

View File

@ -179,14 +179,18 @@
}, },
{ {
"ID": "CVE-2024-4331", "ID": "CVE-2024-4331",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4368", "ID": "CVE-2024-4368",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {

View File

@ -383,8 +383,10 @@
"CVEs": [ "CVEs": [
{ {
"ID": "CVE-2024-4558", "ID": "CVE-2024-4558",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558",
"Impact": "None", "Impact": "Critical",
"Public": "20240507" "Public": "20240507"
}, },
{ {

View File

@ -3514,8 +3514,10 @@
}, },
{ {
"ID": "CVE-2024-2887", "ID": "CVE-2024-2887",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-2887", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-2887",
"Impact": "None", "Impact": "High",
"Public": "20240326" "Public": "20240326"
}, },
{ {
@ -3760,20 +3762,26 @@
}, },
{ {
"ID": "CVE-2024-4331", "ID": "CVE-2024-4331",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4368", "ID": "CVE-2024-4368",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4558", "ID": "CVE-2024-4558",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558",
"Impact": "None", "Impact": "Critical",
"Public": "20240507" "Public": "20240507"
}, },
{ {
@ -3858,8 +3866,10 @@
}, },
{ {
"ID": "CVE-2024-5160", "ID": "CVE-2024-5160",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5160", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5160",
"Impact": "None", "Impact": "High",
"Public": "20240522" "Public": "20240522"
}, },
{ {

View File

@ -7782,8 +7782,10 @@
}, },
{ {
"ID": "CVE-2024-2887", "ID": "CVE-2024-2887",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-2887", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-2887",
"Impact": "None", "Impact": "High",
"Public": "20240326" "Public": "20240326"
}, },
{ {
@ -8044,20 +8046,26 @@
}, },
{ {
"ID": "CVE-2024-4331", "ID": "CVE-2024-4331",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4368", "ID": "CVE-2024-4368",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4558", "ID": "CVE-2024-4558",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558",
"Impact": "None", "Impact": "Critical",
"Public": "20240507" "Public": "20240507"
}, },
{ {
@ -8142,8 +8150,10 @@
}, },
{ {
"ID": "CVE-2024-5160", "ID": "CVE-2024-5160",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5160", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5160",
"Impact": "None", "Impact": "High",
"Public": "20240522" "Public": "20240522"
}, },
{ {

View File

@ -527,20 +527,26 @@
}, },
{ {
"ID": "CVE-2024-4331", "ID": "CVE-2024-4331",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4368", "ID": "CVE-2024-4368",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4558", "ID": "CVE-2024-4558",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558",
"Impact": "None", "Impact": "Critical",
"Public": "20240507" "Public": "20240507"
}, },
{ {

View File

@ -178,14 +178,18 @@
}, },
{ {
"ID": "CVE-2024-4331", "ID": "CVE-2024-4331",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4368", "ID": "CVE-2024-4368",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {

View File

@ -325,20 +325,26 @@
"CVEs": [ "CVEs": [
{ {
"ID": "CVE-2024-4331", "ID": "CVE-2024-4331",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4368", "ID": "CVE-2024-4368",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4558", "ID": "CVE-2024-4558",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558",
"Impact": "None", "Impact": "Critical",
"Public": "20240507" "Public": "20240507"
}, },
{ {
@ -423,8 +429,10 @@
}, },
{ {
"ID": "CVE-2024-5160", "ID": "CVE-2024-5160",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5160", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5160",
"Impact": "None", "Impact": "High",
"Public": "20240522" "Public": "20240522"
}, },
{ {

View File

@ -382,8 +382,10 @@
"CVEs": [ "CVEs": [
{ {
"ID": "CVE-2024-4558", "ID": "CVE-2024-4558",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558",
"Impact": "None", "Impact": "Critical",
"Public": "20240507" "Public": "20240507"
}, },
{ {

View File

@ -83,8 +83,10 @@
}, },
{ {
"ID": "CVE-2024-2887", "ID": "CVE-2024-2887",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-2887", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-2887",
"Impact": "None", "Impact": "High",
"Public": "20240326" "Public": "20240326"
} }
], ],

View File

@ -762,8 +762,10 @@
}, },
{ {
"ID": "CVE-2024-2887", "ID": "CVE-2024-2887",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-2887", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-2887",
"Impact": "None", "Impact": "High",
"Public": "20240326" "Public": "20240326"
}, },
{ {

View File

@ -37,7 +37,7 @@
"Description": "This update upgrades chromium to version 124.0.6367.118-alt1. \nSecurity Fix(es):\n\n * CVE-2024-4331: Use after free in Picture In Picture in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-4368: Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "Description": "This update upgrades chromium to version 124.0.6367.118-alt1. \nSecurity Fix(es):\n\n * CVE-2024-4331: Use after free in Picture In Picture in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-4368: Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"Advisory": { "Advisory": {
"From": "errata.altlinux.org", "From": "errata.altlinux.org",
"Severity": "Low", "Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.", "Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": { "Issued": {
"Date": "2024-05-02" "Date": "2024-05-02"
@ -49,14 +49,18 @@
"CVEs": [ "CVEs": [
{ {
"ID": "CVE-2024-4331", "ID": "CVE-2024-4331",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4331",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
}, },
{ {
"ID": "CVE-2024-4368", "ID": "CVE-2024-4368",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4368",
"Impact": "None", "Impact": "High",
"Public": "20240501" "Public": "20240501"
} }
], ],

View File

@ -37,7 +37,7 @@
"Description": "This update upgrades chromium to version 124.0.6367.155-alt1. \nSecurity Fix(es):\n\n * CVE-2024-4558: Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-4559: Heap buffer overflow in WebAudio in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "Description": "This update upgrades chromium to version 124.0.6367.155-alt1. \nSecurity Fix(es):\n\n * CVE-2024-4558: Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-4559: Heap buffer overflow in WebAudio in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"Advisory": { "Advisory": {
"From": "errata.altlinux.org", "From": "errata.altlinux.org",
"Severity": "Low", "Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.", "Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": { "Issued": {
"Date": "2024-05-10" "Date": "2024-05-10"
@ -49,8 +49,10 @@
"CVEs": [ "CVEs": [
{ {
"ID": "CVE-2024-4558", "ID": "CVE-2024-4558",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558",
"Impact": "None", "Impact": "Critical",
"Public": "20240507" "Public": "20240507"
}, },
{ {

View File

@ -316,8 +316,10 @@
}, },
{ {
"ID": "CVE-2024-5160", "ID": "CVE-2024-5160",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5160", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5160",
"Impact": "None", "Impact": "High",
"Public": "20240522" "Public": "20240522"
}, },
{ {