Sick Codes

**Name of the Vulnerable Software and Affected Versions** System Center Operations Manager: Open Management Infrastructure (OMI) (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.18.13 **Description** The issue is related to the clear bss function in the Linux kernel, which is associated with errors in clearing the initial symbol of the block (.bss). This can allow an attacker to cause a denial of service or gain privileges, specifically affecting Xen PV guest OS users. **Recommendations** For Linux kernel versions prior to 5.18.13, update to version 5.18.13 or later to resolve the issue. As a temporary workaround, consider restricting access to Xen PV guest OS to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** QEMU versions prior to 7.0.0 **Description** The issue in QEMU's softmmu/physmem.c file can lead to an uninitialized read on the translate fail path, resulting in an io readx or io writex crash. A third party notes that this might not be considered a security bug according to the Non-virtualization Use Case in the qemu.org reference. The vulnerability is related to the use of an uninitialized variable in the address space translate for iotlb() function, which could allow an attacker to cause a denial of service or execute arbitrary code. **Recommendations** For QEMU versions prior to 7.0.0, consider updating to a version that includes the fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WatsonWebserver versions 4.1.3 and below IpMatcher versions 1.0.4.1 and below **Description** An Input Validation issue exists due to insufficient validation of input IP addresses and netmasks against the internal Matcher list of IP addresses and subnets. **Recommendations** For WatsonWebserver versions 4.1.3 and below, update to a version above 4.1.3 to resolve the issue. For IpMatcher versions 1.0.4.1 and below, update to a version above 1.0.4.1 to resolve the issue. As a temporary workaround, consider restricting the input of IP addresses and netmasks to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Signal versions prior to 5.34 for iOS **Description** The issue allows a remote unauthenticated attacker to send legitimate looking links, appearing to be any website URL, by abusing the non-http/non-https automatic rendering of URLs. This is achieved through RTLO injection, where an attacker can spoof, for example, example.com, and masquerade any URL with a malicious destination. An attacker requires a subdomain such as gepj, txt, fdp, or xcod, which would appear backwards as jpeg, txt, pdf, and docx respectively. The technique involves incorrectly rendering RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. **Recommendations** For Signal versions prior to 5.34 for iOS, update to version 5.34 or later to resolve the issue. As a temporary workaround, consider avoiding the use of URLs with non-http/non-https automatic rendering until a patch is applied. Restrict access to potentially malicious links to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Data::Validate::IP versions 0.29 and earlier **Description** The issue is related to improper authorization in the Data::Validate::IP module. It allows a remote attacker to impact data integrity by bypassing access control based on IP addresses. This is due to the module not properly considering extraneous zero characters at the beginning of an IP address string. **Recommendations** For versions 0.29 and earlier, consider updating to a version that properly handles IP address strings to prevent access control bypass. As a temporary workaround, restrict the use of the Data::Validate::IP module until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Rust versions prior to 1.53.0 **Description** The issue is related to the improper handling of extraneous zero characters at the beginning of an IP address string in the library/std/src/net/parser.rs file. This can allow attackers to bypass access control based on IP addresses due to unexpected octal interpretation, potentially leading to data integrity violations and denial of service. **Recommendations** For Rust versions prior to 1.53.0, update to version 1.53.0 or later to resolve the issue. As a temporary workaround, consider restricting access to IP addresses that may be interpreted incorrectly due to octal representation. Avoid using IP addresses with leading zeros in configurations until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: netmask npm package versions 1.0.6 and below netmask npm package versions 2.0.0 Description: The issue is related to improper input validation of octal strings in the netmask npm package, allowing unauthenticated remote attackers to perform server-side request forgery (SSRF), remote file inclusion (RFI), and local file inclusion (LFI) attacks. This vulnerability can be exploited to bypass packages relying on netmask to filter IPs and reach critical VPN or LAN hosts. The netmask package is used by over 270,000 projects and has around 3 million downloads per week. Recommendations: For netmask npm package versions 1.0.6 and below: Upgrade to version 2.0.1 or later to ensure complete protection from this vulnerability. For netmask npm package version 2.0.0: Upgrade to version 2.0.1 or later, as the initial fix in version 2.0.0 was incomplete.

Name of the Vulnerable Software and Affected Versions: Hestia Control Panel versions 1.3.5 and below Hestia Control Panel versions 1.3.3 and below can be consolidated into the previous line, so the final output is: Hestia Control Panel versions 1.3.5 and below Description: The issue allows remote authenticated users to create a subdomain for a different customer's domain name in a shared-hosting environment, leading to potential spoofing of services or email messages. Recommendations: For Hestia Control Panel versions 1.3.5 and below, consider restricting subdomain creation privileges to prevent unauthorized access to other customers' domain names until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.