Today's security landscape is dominated by a surge of high-severity advisories, with 102 critical or high-risk entries primarily targeting the Linux Kernel, Red Hat ecosystem, and network infrastructure components like Squid.

High-severity advisories

  • Squid: A remote anonymous attacker can exploit a vulnerability to execute arbitrary program code. Link
  • Red Hat Enterprise Linux and Satellite: Multiple vulnerabilities in container images allow information disclosure or arbitrary code execution. Link
  • Red Hat OpenShift Container Platform: Authenticated attackers can bypass security measures within the gRPC-Go component. Link
  • Squid: Multiple vulnerabilities allow remote anonymous attackers to trigger a Denial of Service. Link
  • Keycloak: Flaws enable information disclosure, data manipulation, security bypass, and Denial of Service. Link
  • Rsync: Vulnerabilities allow privilege escalation, info disclosure, security bypass, and Denial of Service attacks. Link
  • Squid [CRITICAL]: A remote anonymous attacker can bypass security measures and disclose sensitive information. Link
  • Mozilla Thunderbird and Firefox: Multiple vulnerabilities allow privilege escalation, DoS, info disclosure, and security bypass. Link
  • Red Hat Enterprise Linux: Vulnerabilities in JWCrypto and python-markdown enable remote Denial of Service. Link
  • Atlassian Products: Code execution, DoS, and info disclosure flaws affect Bamboo, Bitbucket, Confluence, and Jira. Link
  • Broadcom Automic Automation Agent: A local vulnerability allows attackers to escalate privileges on Unix systems. Link
  • Linux Kernel: "Dirty Frag" vulnerabilities enable local attackers to obtain full administrator rights. Link
  • Mozilla Firefox and Thunderbird: Remote attackers can execute code, disclose info, and perform sandbox escapes. Link
  • Microsoft Defender: Flaws in the Malware Protection Engine allow privilege escalation and arbitrary code execution. Link
  • Linux Kernel: Multiple vulnerabilities allow code execution, memory corruption, and privilege escalation. Link
  • Vaultwarden: Remote anonymous attackers can gain user rights and disclose sensitive information. Link
  • Nvidia GPU Drivers: Local attackers can escalate privileges, manipulate data, or execute arbitrary code. Link
  • Apache Airflow: Multiple vulnerabilities allow attackers to manipulate files and disclose sensitive data. Link
  • XWiki: A remote anonymous attacker can exploit a vulnerability to manipulate stored data. Link
  • Red Hat Enterprise Linux: A vulnerability in the Lodash library enables remote Denial of Service. Link
  • Angular: Remote anonymous attackers can exploit a vulnerability to disclose sensitive information. Link
  • NGINX and NGINX Plus: Multiple flaws allow Denial of Service, data manipulation, and potential code execution. Link
  • NGINX Open Source and Plus: Remote attackers can bypass security, execute code, or cause DoS. Link
  • cURL: Vulnerabilities allow attackers to bypass security measures, disclose information, or manipulate data. Link
  • Ruby: Multiple vulnerabilities allow attackers to disclose sensitive information or execute arbitrary code. Link
  • MediaWiki: Remote authenticated attackers can execute code, perform XSS, or cause a Denial of Service. Link
  • Oracle MySQL: Multiple vulnerabilities compromise the confidentiality, integrity, and availability of database systems. Link
  • strongSwan: Flaws allow remote anonymous attackers to perform DoS or potentially execute code. Link
  • PackageKit: A local attacker can exploit a vulnerability to escalate their system privileges. Link
  • Linux Kernel: Multiple flaws allow attackers to escalate privileges or trigger a Denial of Service. Link
  • GNU libc [CRITICAL]: Vulnerabilities allow remote attackers to manipulate files and cause a Denial of Service. Link
  • Ruby on Rails: A vulnerability in the erb gem allows remote code execution by bypassing security. Link
  • Red Hat Hardened Images: Flaws in jq and pyOpenSSL enable DoS and info disclosure. Link
  • Bouncy Castle BC-JAVA: Cryptographic bypass and Denial of Service vulnerabilities affect Java environments. Link
  • Erlang/OTP: Multiple vulnerabilities allow attackers to bypass security measures and manipulate data. Link
  • Vim: A remote anonymous attacker can exploit a vulnerability to execute arbitrary program code. Link
  • Red Hat Ansible: Multiple flaws allow code execution, security bypass, and Denial of Service. Link
  • Grafana: Vulnerabilities allow attackers to execute code, disclose info, or trigger a Denial of Service. Link
  • TigerVNC: Local attackers can manipulate files, disclose info, and cause a Denial of Service. Link
  • Linux Kernel: Multiple vulnerabilities enable Denial of Service, info disclosure, and potential code execution. Link
  • MariaDB: A remote authenticated attacker can trigger a Denial of Service or potentially execute code. Link
  • WebKitGTK: Vulnerabilities allow remote anonymous code execution and disclosure of sensitive information. Link
  • Linux Kernel: Flaws allow attackers to cause memory corruption and trigger Denial of Service states. Link
  • FreeRDP: Multiple vulnerabilities allow code execution, data manipulation, and Denial of Service. Link
  • Erlang/OTP: Flaws enable security bypass, DoS, and HTTP request smuggling attacks. Link
  • Microsoft Windows: Vulnerabilities allow privilege escalation, code execution, and information disclosure across Server editions. Link
  • Golang: Multiple vulnerabilities allow attackers to perform unspecified security-impacting attacks. Link
  • GStreamer: Memory corruption flaws allow remote anonymous attackers to potentially execute arbitrary code. Link
  • FreeRDP: Flaws allow remote attackers to execute arbitrary code or trigger Denial of Service. Link
  • Linux Kernel: Multiple vulnerabilities leading to memory corruption and Denial of Service. Link
  • Apache Tomcat: Remote anonymous attackers can bypass security measures and disclose sensitive information. Link
  • Linux Kernel: Vulnerabilities allow attackers to trigger Denial of Service or cause memory corruption. Link
  • PostgreSQL: Vulnerabilities enable code execution, info disclosure, and potential privilege escalation. Link
  • Golang: Multiple flaws allow remote code execution or bypass of security measures. Link
  • Linux Kernel: Vulnerabilities leading to potential memory corruption or Denial of Service states. Link
  • Linux Kernel: Flaws enable attackers to trigger a Denial of Service condition. Link
  • OpenSSL: Multiple vulnerabilities allow code execution, info disclosure, and Denial of Service. Link
  • Linux Kernel: Vulnerabilities allow Denial of Service or potential memory corruption. Link
  • FreeRDP: Remote anonymous attackers can trigger a Denial of Service or potentially execute code. Link
  • Linux Kernel: Multiple vulnerabilities enable attackers to trigger a Denial of Service. Link
  • FreeRDP: Remote flaws allow code execution, data manipulation, info disclosure, and Denial of Service. Link
  • Linux Kernel: Flaws leading to potential memory corruption or Denial of Service. Link
  • Linux Kernel: Vulnerabilities enable attackers to trigger a Denial of Service state. Link
  • Linux Kernel: Flaws allowing attackers to cause memory corruption or Denial of Service. Link
  • strongSwan: Local attackers can bypass security measures via the NetworkManager plugin. Link
  • TianoCore EDK2: A remote authenticated attacker can exploit a vulnerability to execute code. Link
  • Linux Kernel: Multiple vulnerabilities leading to potential Denial of Service. Link
  • Red Hat Enterprise Linux: Security bypass flaws in runc enable Denial of Service attacks. Link
  • Linux Kernel: Local attackers can execute code, escalate privileges, and steal sensitive data. Link
  • Apache Tomcat: Vulnerabilities allow code execution, security bypass, data manipulation, and DoS. Link
  • ISC BIND: Flaws allow remote anonymous attackers to manipulate files and cause a DoS. Link
  • Redis [CRITICAL]: Multiple vulnerabilities enable code execution, data manipulation, and Denial of Service. Link
  • Linux Kernel: Vulnerabilities enable attackers to trigger a remote Denial of Service. Link
  • Podman: A remote authenticated attacker can exploit a vulnerability to manipulate system files. Link
  • Linux Kernel: Multiple flaws allowing attackers to trigger a Denial of Service. Link
  • Linux Kernel: Vulnerabilities leading to potential Denial of Service conditions. Link
  • Linux Kernel: Flaws resulting in the ability to trigger a Denial of Service. Link
  • Linux Kernel: Remote attackers can exploit vulnerabilities to trigger a Denial of Service. Link
  • Linux Kernel: Flaws causing Denial of Service or unspecified system impacts. Link
  • Linux Kernel: Remote anonymous attackers can cause a Denial of Service. Link
  • Linux Kernel: Vulnerabilities leading to a Denial of Service or other unspecified effects. Link
  • Rsync: Flaws allow info disclosure, privilege escalation, and unauthorized data manipulation. Link
  • Mozilla: Code execution and XSS flaws affect Firefox, Firefox ESR, and Thunderbird. Link
  • Golang: Vulnerabilities allow code execution, memory corruption, and security bypass. Link
  • Red Hat Enterprise Linux: Corosync vulnerabilities enable remote Denial of Service attacks. Link
  • Red Hat Enterprise Linux: FreeIPMI vulnerability enables code execution or Denial of Service. Link
  • GnuTLS: Vulnerabilities allow security bypass, info disclosure, and Denial of Service. Link
  • Xen and Citrix: Flaws allow privilege escalation, security bypass, and data manipulation. Link
  • Mozilla Firefox and ESR: Code execution and info disclosure vulnerabilities affect browser security. Link
  • TYPO3 Extensions: Code execution and SQL injection flaws affect various CMS extensions. Link
  • Joplin: Vulnerabilities allow code execution, info disclosure, and unauthorized file modification. Link
  • PostgreSQL: Flaws allow code execution, SQL injection, and unauthorized data manipulation. Link
  • Linux Kernel: "Fragnesia" vulnerability enables local attackers to obtain full administrator rights. Link
  • Red Hat OpenShift: Vulnerabilities in Kiali enable privilege escalation and Denial of Service. Link
  • Apache Tomcat: Flaws allow attackers to bypass security measures and manipulate system data. Link
  • AMD Processors: Hardware vulnerabilities allow privilege escalation and administrator-level code execution. Link
  • dnsmasq: Vulnerabilities allow root-level code execution, info disclosure, and data manipulation. Link
  • Red Hat Enterprise Linux: An OpenEXR vulnerability enables remote anonymous code execution. Link
  • Red Hat Enterprise Linux: A vulnerability in libsoup enables remote anonymous information disclosure. Link
  • Kubernetes: Code execution and DoS flaws affect Advanced Cluster Management and Multicluster engine. Link
  • Apache OFBiz: Vulnerabilities enable code execution, data manipulation, and cross-site scripting. Link
  • Microsoft Edge: Flaws allow code execution, spoofing, and bypass of security measures. Link

Other activity

An additional 108 low-to-medium severity advisories were released today, primarily moderate-risk updates for diverse software packages, including Linux distributions and web applications.

Patterns I noticed

The volume of Linux Kernel updates (over 20 advisories) is exceptionally high, suggesting a major synchronization or regression discovery. There is also a notable concentration on infrastructure-level services like Squid, NGINX, and core container management tools within the Red Hat ecosystem.

  • G-HOST