CVE-2024-1082
published 2024-02-13CVE-2024-1082: A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an attacker to gain unauthorized read permission to files by deploying…
PriorityP341medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.77%
51.0th percentile
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an attacker to gain unauthorized read permission to files by deploying arbitrary symbolic links to a GitHub Pages site with a specially crafted artifact tarball. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.15, 3.9.10, 3.10.7, 3.11.5. This vulnerability was reported via the GitHub Bug Bounty program.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github | enterprise_server | < 3.8.15 | 3.8.15 |
| github | enterprise_server | >= 3.10.0 < 3.10.7 | 3.10.7 |
| github | enterprise_server | >= 3.11.0 < 3.11.5 | 3.11.5 |
| github | enterprise_server | >= 3.8.0 < 3.8.15 | 3.8.15 |
| github | enterprise_server | >= 3.9.0 < 3.9.10 | 3.9.10 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-54qf-h346-xgmg: A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an attacker to gain unauthorized read permission to files by de
ghsa_unreviewed·2024-02-13
CVE-2024-1082 [MEDIUM] CWE-22 GHSA-54qf-h346-xgmg: A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an attacker to gain unauthorized read permission to files by de
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an attacker to gain unauthorized read permission to files by deploying arbitrary symbolic links to a GitHub Pages site with a specially crafted artifact tarball. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.15, 3.9.10, 3.10.7, 3.11.5. This vulnerability was reported via the GitHub Bug Bounty program.
Red Hat
kernel: drm/nouveau: prime: fix ttm_bo_delayed_delete oops
vendor_redhat·2025-05-01·CVSS 5.5
CVE-2025-37765 [MEDIUM] kernel: drm/nouveau: prime: fix ttm_bo_delayed_delete oops
kernel: drm/nouveau: prime: fix ttm_bo_delayed_delete oops
In the Linux kernel, the following vulnerability has been resolved:
drm/nouveau: prime: fix ttm_bo_delayed_delete oops
Fix an oops in ttm_bo_delayed_delete which results from dererencing a
dangling pointer:
Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP
CPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216
Hardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024
Workqueue: ttm ttm_bo_delayed_delete [ttm]
RIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290
Code: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 8b 44 24 10 c6 43 2c 01 48 89 df 89
Red Hat
kernel: drm/amdgpu: fix deadlock while reading mqd from debugfs
vendor_redhat·2024-05-17·CVSS 5.5
CVE-2024-35795 [MEDIUM] CWE-400 kernel: drm/amdgpu: fix deadlock while reading mqd from debugfs
kernel: drm/amdgpu: fix deadlock while reading mqd from debugfs
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: fix deadlock while reading mqd from debugfs
An errant disk backup on my desktop got into debugfs and triggered the
following deadlock scenario in the amdgpu debugfs files. The machine
also hard-resets immediately after those lines are printed (although I
wasn't able to reproduce that part when reading by hand):
[ 1318.016074][ T1082] ======================================================
[ 1318.016607][ T1082] WARNING: possible circular locking dependency detected
[ 1318.017107][ T1082] 6.8.0-rc7-00015-ge0c8221b72c0 #17 Not tainted
[ 1318.017598][ T1082] ------------------------------------------------------
[ 1318.018096][ T1082] tar/1082 is tryi
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2025-37765 kernel: drm/nouveau: prime: fix ttm_bo_delayed_delete oops
bugzilla·2025-05-01·CVSS 5.5
CVE-2025-37765 [MEDIUM] CVE-2025-37765 kernel: drm/nouveau: prime: fix ttm_bo_delayed_delete oops
CVE-2025-37765 kernel: drm/nouveau: prime: fix ttm_bo_delayed_delete oops
In the Linux kernel, the following vulnerability has been resolved:
drm/nouveau: prime: fix ttm_bo_delayed_delete oops
Fix an oops in ttm_bo_delayed_delete which results from dererencing a
dangling pointer:
Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP
CPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216
Hardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024
Workqueue: ttm ttm_bo_delayed_delete [ttm]
RIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290
Code: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 8b 44 24 10 c6 43
Bugzilla
CVE-2024-12397 io.quarkus.http/quarkus-http-core: Quarkus HTTP Cookie Smuggling
bugzilla·2024-12-10·CVSS 7.4
CVE-2024-12397 [HIGH] CVE-2024-12397 io.quarkus.http/quarkus-http-core: Quarkus HTTP Cookie Smuggling
CVE-2024-12397 io.quarkus.http/quarkus-http-core: Quarkus HTTP Cookie Smuggling
A flaw was found in Quarkus-HTTP, which incorrectly parses cookies with
certain value-delimiting characters in incoming requests. This issue could
allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie
values or spoof arbitrary additional cookie values, leading to unauthorized
data access or modification. The main threat from this flaw impacts data
confidentiality and integrity.
Discussion:
This issue has been addressed in the following products:
Red Hat Build of Apache Camel 4.8 for Quarkus 3.15
Via RHSA-2025:1082 https://access.redhat.com/errata/RHSA-2025:1082
---
This issue has been addressed in the following products:
Cryostat 4 on RHEL 9
Via RHSA-2025:3018 https://access.redha
https://docs.github.com/en/[email protected]/admin/release-notes#3.10.7https://docs.github.com/en/[email protected]/admin/release-notes#3.11.5https://docs.github.com/en/[email protected]/admin/release-notes#3.8.15https://docs.github.com/en/[email protected]/admin/release-notes#3.9.10https://docs.github.com/en/[email protected]/admin/release-notes#3.10.7https://docs.github.com/en/[email protected]/admin/release-notes#3.11.5https://docs.github.com/en/[email protected]/admin/release-notes#3.8.15https://docs.github.com/en/[email protected]/admin/release-notes#3.9.10
2024-02-13
Published