Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-3775 (GCVE-0-2022-3775)
Vulnerability from cvelistv5
Published
2022-12-19 00:00
Modified
2024-08-03 01:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.
References
| URL | Tags | |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:20:57.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2022-3775"
},
{
"name": "GLSA-202311-14",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-14"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "grub2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All up to 2.06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When rendering certain unicode sequences, grub2\u0027s font code doesn\u0027t proper validate if the informed glyph\u0027s width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2\u0027s heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-25T12:06:19.532Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://access.redhat.com/security/cve/cve-2022-3775"
},
{
"name": "GLSA-202311-14",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-14"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-3775",
"datePublished": "2022-12-19T00:00:00.000Z",
"dateReserved": "2022-10-31T00:00:00.000Z",
"dateUpdated": "2024-08-03T01:20:57.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTFR-2024-AVI-0681
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Microsoft Windows. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.
Microsoft indique que les vulnérabilités CVE-2024-38106, CVE-2024-38107, CVE-2024-38178, CVE-2024-38193 et CVE-2024-38213 sont activement exploitées.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.22769 | ||
| Microsoft | N/A | Windows 11 Version 24H2 pour systèmes ARM64 versions antérieures à 10.0.26100.1457 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes 32 bits versions antérieures à 10.0.19044.4651 | ||
| Microsoft | N/A | Windows Server 2012 versions antérieures à 6.2.9200.24975 | ||
| Microsoft | N/A | Windows Server 2012 R2 (Server Core installation) versions antérieures à 6.3.9600.22023 | ||
| Microsoft | N/A | Windows 11 version 21H2 pour systèmes x64 antérieures à 10.0.22000.2710 | ||
| Microsoft | N/A | Windows 10 Version 1809 pour systèmes ARM64 versions antérieures à 10.0.17763.6054 | ||
| Microsoft | N/A | Windows Server 2019 versions antérieures à 10.0.17763.6189 | ||
| Microsoft | N/A | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) versions antérieures à 6.1.7601.27219 | ||
| Microsoft | N/A | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) versions antérieures à 6.1.7601.27277 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes ARM64 versions antérieures à 10.0.19044.4529 | ||
| Microsoft | N/A | Windows Server 2016 versions antérieures à 10.0.14393.7259 | ||
| Microsoft | N/A | Windows Server 2016 versions antérieures à 10.0.14393.7159 | ||
| Microsoft | N/A | Windows Server 2019 versions antérieures à 10.0.17763.6054 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes ARM64 versions antérieures à 10.0.19044.4651 | ||
| Microsoft | N/A | Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.22825 | ||
| Microsoft | N/A | Windows 11 version 21H2 pour systèmes ARM64 antérieures à 10.0.22000.3147 | ||
| Microsoft | N/A | Windows 11 Version 22H2 pour systèmes x64 versions antérieures à 10.0.22621.4037 | ||
| Microsoft | N/A | Windows Server 2012 R2 versions antérieures à 6.3.9600.22074 | ||
| Microsoft | N/A | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 versions antérieures à 6.1.7601.27277 | ||
| Microsoft | N/A | Windows Server 2022, 23H2 Edition (Server Core installation) versions antérieures à 10.0.25398.950 | ||
| Microsoft | N/A | Windows Server 2012 (Server Core installation) versions antérieures à 6.2.9200.25031 | ||
| Microsoft | N/A | Windows 11 Version 23H2 pour systèmes ARM64 versions antérieures à 10.0.22631.3737 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes x64 versions antérieures à 10.0.19044.4651 | ||
| Microsoft | N/A | Windows Server 2022 versions antérieures à 10.0.20348.2582 | ||
| Microsoft | N/A | Windows 11 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.22621.3880 | ||
| Microsoft | N/A | Windows Server 2019 (Server Core installation) versions antérieures à 10.0.17763.5936 | ||
| Microsoft | N/A | Windows 10 Version 1607 pour systèmes 32 bits versions antérieures à 10.0.14393.7070 | ||
| Microsoft | N/A | Windows 10 Version 1607 pour systèmes 32 bits versions antérieures à 10.0.14393.7159 | ||
| Microsoft | N/A | Windows Server 2012 R2 versions antérieures à 1.001 | ||
| Microsoft | N/A | Windows 10 Version 1607 pour systèmes x64 versions antérieures à 10.0.14393.7070 | ||
| Microsoft | N/A | Windows 11 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.22621.4037 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes x64 versions antérieures à 10.0.19044.4780 | ||
| Microsoft | N/A | Windows Server 2016 (Server Core installation) versions antérieures à 10.0.14393.7159 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes 32 bits versions antérieures à 10.0.19045.4651 | ||
| Microsoft | N/A | Windows 11 version 21H2 pour systèmes x64 antérieures à 10.0.22000.3147 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.19045.4529 | ||
| Microsoft | N/A | Windows 10 Version 1607 pour systèmes x64 versions antérieures à 10.0.14393.7159 | ||
| Microsoft | N/A | Windows Server 2008 pour systèmes 32 bits Service Pack 2 versions antérieures à 6.0.6003.22769 | ||
| Microsoft | N/A | Windows 10 Version 1809 pour systèmes x64 versions antérieures à 10.0.17763.5936 | ||
| Microsoft | N/A | Windows Server 2022 versions antérieures à 10.0.20348.2522 | ||
| Microsoft | N/A | Windows Server 2012 R2 versions antérieures à 6.3.9600.22023 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes x64 versions antérieures à 10.0.19041.3920 | ||
| Microsoft | N/A | Windows Server 2022 versions antérieures à 10.0.20348.2655 | ||
| Microsoft | N/A | Windows 10 pour systèmes x64 versions antérieures à 10.0.10240.20680 | ||
| Microsoft | N/A | Windows Server 2022 versions antérieures à 10.0.22000.2710 | ||
| Microsoft | N/A | Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.22825 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes 32 bits versions antérieures à 10.0.19044.4529 | ||
| Microsoft | N/A | Windows Server 2022 (Server Core installation) versions antérieures à 10.0.20348.2582 | ||
| Microsoft | N/A | Windows 11 Version 23H2 pour systèmes ARM64 versions antérieures à 10.0.22631.3880 | ||
| Microsoft | N/A | Windows 11 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.22621.3737 | ||
| Microsoft | N/A | Windows Server 2022 (Server Core installation) versions antérieures à 10.0.20348.2522 | ||
| Microsoft | N/A | Windows Server 2008 pour systèmes x64 Service Pack 2 versions antérieures à 6.0.6003.22769 | ||
| Microsoft | N/A | Windows Server 2012 R2 (Server Core installation) versions antérieures à 6.3.9600.22134 | ||
| Microsoft | N/A | Windows Server 2008 pour systèmes x64 Service Pack 2 versions antérieures à 6.0.6003.22825 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes 32 bits versions antérieures à 10.0.19045.4780 | ||
| Microsoft | N/A | Windows Server 2012 R2 versions antérieures à 6.3.9600.22134 | ||
| Microsoft | N/A | Windows 10 pour systèmes 32 bits versions antérieures à 10.0.10240.20710 | ||
| Microsoft | N/A | Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.22769 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.19045.4780 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes 32 bits versions antérieures à 10.0.19041.3920 | ||
| Microsoft | N/A | Windows 10 Version 1809 pour systèmes x64 versions antérieures à 10.0.17763.6189 | ||
| Microsoft | N/A | Windows 11 Version 24H2 pour systèmes x64 versions antérieures à 10.0.26100.1457 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.19045.4651 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes x64 versions antérieures à 10.0.19045.4780 | ||
| Microsoft | N/A | Windows Server 2016 (Server Core installation) versions antérieures à 10.0.14393.7259 | ||
| Microsoft | N/A | Windows Server 2008 pour systèmes 32 bits Service Pack 2 versions antérieures à 6.0.6003.22825 | ||
| Microsoft | N/A | Windows Server 2012 versions antérieures à 6.2.9200.25031 | ||
| Microsoft | N/A | Windows 11 Version 23H2 pour systèmes ARM64 versions antérieures à 10.0.22631.4037 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes 32 bits versions antérieures à 10.0.19041.3920 | ||
| Microsoft | N/A | Windows 11 Version 22H2 pour systèmes x64 versions antérieures à 10.0.22621.3880 | ||
| Microsoft | N/A | Windows 11 version 21H2 pour systèmes ARM64 antérieures à 10.0.22000.3019 | ||
| Microsoft | N/A | Windows 11 version 21H2 pour systèmes x64 antérieures à 10.0.22000.3079 | ||
| Microsoft | N/A | Windows 11 Version 23H2 pour systèmes x64 versions antérieures à 10.0.22631.4037 | ||
| Microsoft | N/A | Windows 10 Version 1809 pour systèmes x64 versions antérieures à 10.0.17763.6054 | ||
| Microsoft | N/A | Windows Server 2012 (Server Core installation) versions antérieures à 6.2.9200.24975 | ||
| Microsoft | N/A | Windows 11 version 21H2 pour systèmes ARM64 antérieures à 10.0.22000.3079 | ||
| Microsoft | N/A | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 versions antérieures à 6.1.7601.27219 | ||
| Microsoft | N/A | Windows 10 Version 1809 pour systèmes 32 bits versions antérieures à 10.0.17763.5936 | ||
| Microsoft | N/A | Windows 11 version 21H2 pour systèmes x64 antérieures à 10.0.22000.3019 | ||
| Microsoft | N/A | Windows Server 2022, 23H2 Edition (Server Core installation) versions antérieures à 10.0.25398.1009 | ||
| Microsoft | N/A | Windows 10 Version 1809 pour systèmes ARM64 versions antérieures à 10.0.17763.5936 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes x64 versions antérieures à 10.0.19045.4651 | ||
| Microsoft | N/A | Windows Server 2022 (Server Core installation) versions antérieures à 10.0.20348.2655 | ||
| Microsoft | N/A | Windows Server 2012 R2 (Server Core installation) versions antérieures à 6.3.9600.22074 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes x64 versions antérieures à 10.0.19045.4529 | ||
| Microsoft | N/A | Windows 10 pour systèmes x64 versions antérieures à 10.0.10240.20751 | ||
| Microsoft | N/A | Windows Server 2012 versions antérieures à 6.2.9200.24919 | ||
| Microsoft | N/A | Windows 10 Version 1607 pour systèmes 32 bits versions antérieures à 10.0.14393.7259 | ||
| Microsoft | N/A | Windows 10 Version 1607 pour systèmes x64 versions antérieures à 10.0.14393.7259 | ||
| Microsoft | N/A | Windows 10 pour systèmes x64 versions antérieures à 10.0.10240.20710 | ||
| Microsoft | N/A | Windows 10 Version 1809 pour systèmes ARM64 versions antérieures à 10.0.17763.6189 | ||
| Microsoft | N/A | Windows 10 pour systèmes 32 bits versions antérieures à 10.0.10240.20751 | ||
| Microsoft | N/A | Windows 11 Version 23H2 pour systèmes x64 versions antérieures à 10.0.22631.3880 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes x64 versions antérieures à 10.0.19041.3920 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes 32 bits versions antérieures à 10.0.19044.4780 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes x64 versions antérieures à 10.0.19044.4529 | ||
| Microsoft | N/A | Windows 10 Version 1809 pour systèmes 32 bits versions antérieures à 10.0.17763.6054 | ||
| Microsoft | N/A | Windows 11 Version 22H2 pour systèmes x64 versions antérieures à 10.0.22621.3737 | ||
| Microsoft | N/A | Windows Server 2012 (Server Core installation) versions antérieures à 6.2.9200.24919 | ||
| Microsoft | N/A | Windows Server 2022, 23H2 Edition (Server Core installation) versions antérieures à 10.0.25398.1085 | ||
| Microsoft | N/A | Windows Server 2019 (Server Core installation) versions antérieures à 10.0.17763.6189 | ||
| Microsoft | N/A | Windows 10 pour systèmes 32 bits versions antérieures à 10.0.10240.20680 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes 32 bits versions antérieures à 10.0.19045.4529 | ||
| Microsoft | N/A | Windows Server 2016 versions antérieures à 10.0.14393.7070 | ||
| Microsoft | N/A | Windows Server 2016 (Server Core installation) versions antérieures à 10.0.14393.7070 | ||
| Microsoft | N/A | Windows Server 2012 R2 (Server Core installation) versions antérieures à 1.001 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes ARM64 versions antérieures à 10.0.19044.4780 | ||
| Microsoft | N/A | Windows Server 2019 (Server Core installation) versions antérieures à 10.0.17763.6054 | ||
| Microsoft | N/A | Windows 10 Version 1809 pour systèmes 32 bits versions antérieures à 10.0.17763.6189 | ||
| Microsoft | N/A | Windows 11 Version 23H2 pour systèmes x64 versions antérieures à 10.0.22631.3737 | ||
| Microsoft | N/A | Remote Desktop client pour Windows Desktop versions antérieures à 1.2.5560.0 | ||
| Microsoft | N/A | Windows Server 2019 versions antérieures à 10.0.17763.5936 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.22769",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26100.1457",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19044.4651",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 6.2.9200.24975",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.3.9600.22023",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes x64 ant\u00e9rieures \u00e0 10.0.22000.2710",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.17763.6054",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 versions ant\u00e9rieures \u00e0 10.0.17763.6189",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation) versions ant\u00e9rieures \u00e0 6.1.7601.27219",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation) versions ant\u00e9rieures \u00e0 6.1.7601.27277",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19044.4529",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 versions ant\u00e9rieures \u00e0 10.0.14393.7259",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 versions ant\u00e9rieures \u00e0 10.0.14393.7159",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 versions ant\u00e9rieures \u00e0 10.0.17763.6054",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19044.4651",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.22825",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes ARM64 ant\u00e9rieures \u00e0 10.0.22000.3147",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22621.4037",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 6.3.9600.22074",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 versions ant\u00e9rieures \u00e0 6.1.7601.27277",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022, 23H2 Edition (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.25398.950",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 6.2.9200.25031",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22631.3737",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19044.4651",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 versions ant\u00e9rieures \u00e0 10.0.20348.2582",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22621.3880",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.17763.5936",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.14393.7070",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.14393.7159",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 1.001",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.14393.7070",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22621.4037",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19044.4780",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.14393.7159",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19045.4651",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes x64 ant\u00e9rieures \u00e0 10.0.22000.3147",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19045.4529",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.14393.7159",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.22769",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.17763.5936",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 versions ant\u00e9rieures \u00e0 10.0.20348.2522",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 6.3.9600.22023",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19041.3920",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 versions ant\u00e9rieures \u00e0 10.0.20348.2655",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.10240.20680",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 versions ant\u00e9rieures \u00e0 10.0.22000.2710",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.22825",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19044.4529",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.20348.2582",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22631.3880",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22621.3737",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.20348.2522",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.22769",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.3.9600.22134",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.22825",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19045.4780",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 6.3.9600.22134",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.10240.20710",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.22769",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19045.4780",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19041.3920",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.17763.6189",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26100.1457",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19045.4651",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19045.4780",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.14393.7259",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.22825",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 6.2.9200.25031",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22631.4037",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19041.3920",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22621.3880",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes ARM64 ant\u00e9rieures \u00e0 10.0.22000.3019",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes x64 ant\u00e9rieures \u00e0 10.0.22000.3079",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22631.4037",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.17763.6054",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 6.2.9200.24975",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes ARM64 ant\u00e9rieures \u00e0 10.0.22000.3079",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 versions ant\u00e9rieures \u00e0 6.1.7601.27219",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.17763.5936",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes x64 ant\u00e9rieures \u00e0 10.0.22000.3019",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022, 23H2 Edition (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.25398.1009",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.17763.5936",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19045.4651",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.20348.2655",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.3.9600.22074",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19045.4529",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.10240.20751",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 6.2.9200.24919",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.14393.7259",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.14393.7259",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.10240.20710",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.17763.6189",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.10240.20751",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22631.3880",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19041.3920",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19044.4780",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19044.4529",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.17763.6054",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22621.3737",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 6.2.9200.24919",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022, 23H2 Edition (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.25398.1085",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.17763.6189",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.10240.20680",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19045.4529",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 versions ant\u00e9rieures \u00e0 10.0.14393.7070",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.14393.7070",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 1.001",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19044.4780",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.17763.6054",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.17763.6189",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22631.3737",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Remote Desktop client pour Windows Desktop versions ant\u00e9rieures \u00e0 1.2.5560.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 versions ant\u00e9rieures \u00e0 10.0.17763.5936",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38147"
},
{
"name": "CVE-2024-38126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38126"
},
{
"name": "CVE-2024-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38136"
},
{
"name": "CVE-2024-38215",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38215"
},
{
"name": "CVE-2024-38123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38123"
},
{
"name": "CVE-2024-38185",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38185"
},
{
"name": "CVE-2024-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38163"
},
{
"name": "CVE-2024-38132",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38132"
},
{
"name": "CVE-2024-38213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38213"
},
{
"name": "CVE-2024-38114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38114"
},
{
"name": "CVE-2024-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38154"
},
{
"name": "CVE-2024-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38160"
},
{
"name": "CVE-2024-38142",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38142"
},
{
"name": "CVE-2022-2601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2601"
},
{
"name": "CVE-2024-38187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38187"
},
{
"name": "CVE-2024-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38138"
},
{
"name": "CVE-2024-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38115"
},
{
"name": "CVE-2024-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38122"
},
{
"name": "CVE-2024-38191",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38191"
},
{
"name": "CVE-2024-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38184"
},
{
"name": "CVE-2024-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38145"
},
{
"name": "CVE-2024-38198",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38198"
},
{
"name": "CVE-2024-38121",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38121"
},
{
"name": "CVE-2024-38106",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38106"
},
{
"name": "CVE-2024-38148",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38148"
},
{
"name": "CVE-2024-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38161"
},
{
"name": "CVE-2024-38063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38063"
},
{
"name": "CVE-2024-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38120"
},
{
"name": "CVE-2024-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38153"
},
{
"name": "CVE-2024-38127",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38127"
},
{
"name": "CVE-2024-38223",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38223"
},
{
"name": "CVE-2024-38193",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38193"
},
{
"name": "CVE-2024-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38143"
},
{
"name": "CVE-2024-38141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38141"
},
{
"name": "CVE-2024-38178",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38178"
},
{
"name": "CVE-2024-38155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38155"
},
{
"name": "CVE-2024-38214",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38214"
},
{
"name": "CVE-2024-38128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38128"
},
{
"name": "CVE-2024-38134",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38134"
},
{
"name": "CVE-2024-38118",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38118"
},
{
"name": "CVE-2024-38144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38144"
},
{
"name": "CVE-2024-38199",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38199"
},
{
"name": "CVE-2024-38186",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38186"
},
{
"name": "CVE-2024-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38107"
},
{
"name": "CVE-2024-38137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38137"
},
{
"name": "CVE-2024-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38135"
},
{
"name": "CVE-2024-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38159"
},
{
"name": "CVE-2024-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38146"
},
{
"name": "CVE-2024-38196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38196"
},
{
"name": "CVE-2024-38140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38140"
},
{
"name": "CVE-2024-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38152"
},
{
"name": "CVE-2024-29995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29995"
},
{
"name": "CVE-2024-38165",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38165"
},
{
"name": "CVE-2024-37968",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37968"
},
{
"name": "CVE-2024-38150",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38150"
},
{
"name": "CVE-2022-3775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3775"
},
{
"name": "CVE-2024-38125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38125"
},
{
"name": "CVE-2024-38116",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38116"
},
{
"name": "CVE-2024-38131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38131"
},
{
"name": "CVE-2024-38180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38180"
},
{
"name": "CVE-2024-38151",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38151"
},
{
"name": "CVE-2024-38133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38133"
},
{
"name": "CVE-2024-38130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38130"
},
{
"name": "CVE-2023-40547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40547"
},
{
"name": "CVE-2024-38117",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38117"
}
],
"initial_release_date": "2024-08-14T00:00:00",
"last_revision_date": "2024-08-14T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0681",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-08-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Windows. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nMicrosoft indique que les vuln\u00e9rabilit\u00e9s CVE-2024-38106, CVE-2024-38107, CVE-2024-38178, CVE-2024-38193 et CVE-2024-38213 sont activement exploit\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
"vendor_advisories": [
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38223",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38223"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38134",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38134"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38120",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38120"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-29995",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29995"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38161",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38161"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38136",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38136"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38131",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38131"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38153",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38153"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2022-3775",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3775"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38125",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38125"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38141",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38141"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38186",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38186"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2023-40547",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-40547"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38185",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38185"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38063",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38135",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38135"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38128",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38128"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38151",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38151"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38133",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38133"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38147",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38147"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38121",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38121"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38142",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38142"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38214",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38214"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38145",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38145"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38122",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38122"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38187",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38187"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38178",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38178"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38184",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38184"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38199",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38199"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2022-2601",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-2601"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38213",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38213"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38106",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38106"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38215",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38215"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38114",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38114"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38140",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38140"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38130",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38130"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38138",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38138"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38115",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38115"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38165",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38165"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38150",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38150"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38152",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38152"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38155",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38155"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-37968",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37968"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38198",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38198"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38127",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38127"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38180",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38180"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38123",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38123"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38118",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38118"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38132",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38132"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38160",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38160"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38148",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38148"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38137",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38137"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38144",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38144"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38159",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38159"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38107",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38107"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38117",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38117"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38154",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38154"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38116",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38116"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38193",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38193"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38143",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38143"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38126",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38126"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38146",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38146"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38196",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38196"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38191",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38191"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38163",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38163"
}
]
}
CERTFR-2023-AVI-0726
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 23.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-28733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28733"
},
{
"name": "CVE-2023-28466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
},
{
"name": "CVE-2023-30772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30772"
},
{
"name": "CVE-2021-3695",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3695"
},
{
"name": "CVE-2023-2235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
},
{
"name": "CVE-2023-21400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21400"
},
{
"name": "CVE-2022-48502",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48502"
},
{
"name": "CVE-2022-28735",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28735"
},
{
"name": "CVE-2023-3390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3390"
},
{
"name": "CVE-2023-4004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4004"
},
{
"name": "CVE-2023-2002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
},
{
"name": "CVE-2022-28734",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28734"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2023-3159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3159"
},
{
"name": "CVE-2023-2985",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2985"
},
{
"name": "CVE-2023-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2023-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2163"
},
{
"name": "CVE-2023-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3777"
},
{
"name": "CVE-2022-0168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0168"
},
{
"name": "CVE-2023-1855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
},
{
"name": "CVE-2023-31248",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31248"
},
{
"name": "CVE-2023-35828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35828"
},
{
"name": "CVE-2022-28736",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28736"
},
{
"name": "CVE-2023-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3995"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2023-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2023-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
},
{
"name": "CVE-2023-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2194"
},
{
"name": "CVE-2023-33203",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33203"
},
{
"name": "CVE-2023-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3111"
},
{
"name": "CVE-2023-32252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32252"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2023-32629",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32629"
},
{
"name": "CVE-2023-32257",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32257"
},
{
"name": "CVE-2022-1184",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1184"
},
{
"name": "CVE-2022-28737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28737"
},
{
"name": "CVE-2022-48425",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48425"
},
{
"name": "CVE-2023-33288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33288"
},
{
"name": "CVE-2023-21255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21255"
},
{
"name": "CVE-2023-1990",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1990"
},
{
"name": "CVE-2023-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3567"
},
{
"name": "CVE-2023-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35824"
},
{
"name": "CVE-2022-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
},
{
"name": "CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"name": "CVE-2023-32258",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32258"
},
{
"name": "CVE-2023-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4155"
},
{
"name": "CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"name": "CVE-2021-3697",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3697"
},
{
"name": "CVE-2023-3776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
},
{
"name": "CVE-2023-4194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4194"
},
{
"name": "CVE-2022-27672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27672"
},
{
"name": "CVE-2023-2269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
},
{
"name": "CVE-2023-2898",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2898"
},
{
"name": "CVE-2020-36691",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36691"
},
{
"name": "CVE-2023-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38428"
},
{
"name": "CVE-2023-32247",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32247"
},
{
"name": "CVE-2021-3696",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3696"
},
{
"name": "CVE-2023-32248",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32248"
},
{
"name": "CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"name": "CVE-2023-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3610"
},
{
"name": "CVE-2023-0458",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
},
{
"name": "CVE-2023-4015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4015"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2023-4273",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4273"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2023-23004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23004"
},
{
"name": "CVE-2023-35829",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35829"
},
{
"name": "CVE-2021-3981",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3981"
},
{
"name": "CVE-2023-0597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0597"
},
{
"name": "CVE-2023-38426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38426"
},
{
"name": "CVE-2022-3775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3775"
},
{
"name": "CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2023-1611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1611"
},
{
"name": "CVE-2023-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
},
{
"name": "CVE-2023-34319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34319"
},
{
"name": "CVE-2023-38429",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38429"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
},
{
"name": "CVE-2023-32250",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32250"
},
{
"name": "CVE-2023-3389",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3389"
}
],
"initial_release_date": "2023-09-08T00:00:00",
"last_revision_date": "2023-09-08T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0726",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-09-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6337-1 du 04 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6337-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6355-1 du 08 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6355-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6346-1 du 06 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6346-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6344-1 du 06 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6344-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6343-1 du 06 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6343-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6338-1 du 05 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6338-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu LSN-0097-1 du 05 septembre 2023",
"url": "https://ubuntu.com/security/notices/LSN-0097-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6348-1 du 06 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6348-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6342-1 du 06 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6342-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6350-1 du 06 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6350-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6339-1 du 05 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6339-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6351-1 du 06 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6351-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6340-1 du 05 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6340-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6349-1 du 06 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6349-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6341-1 du 06 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6341-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6347-1 du 06 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6347-1"
}
]
}
CERTFR-2024-AVI-0683
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Microsoft Azure. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | Azure CycleCloud 8.4.0 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure Stack Hub versions antérieures à 1.2311.1.22 | ||
| Microsoft | N/A | Azure CycleCloud 8.0.0 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure CycleCloud 8.6.1 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure Linux 3.0 x64 versions antérieures à 2.06-14 | ||
| Microsoft | N/A | Azure CycleCloud 8.4.1 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure Health Bot | ||
| Microsoft | N/A | Azure CycleCloud 8.6.0 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure Linux 3.0 ARM versions antérieures à 2.06-14 | ||
| Microsoft | N/A | C SDK pour Azure IoT versions antérieures à 1.12.1 | ||
| Microsoft | N/A | Azure CycleCloud 8.2.2 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure CycleCloud 8.0.2 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure Connected Machine Agent versions antérieures à 1.44 | ||
| Microsoft | N/A | Azure IoT Hub Device Client SDK versions antérieures à 1.12.1 | ||
| Microsoft | N/A | Azure CycleCloud 8.1.0 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure CycleCloud 8.5.0 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure CycleCloud 8.3.0 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure CycleCloud 8.6.2 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure CycleCloud 8.2.0 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure CycleCloud 8.0.1 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure CycleCloud 8.1.1 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure CycleCloud 8.4.2 versions antérieures à 8.6.3 | ||
| Microsoft | N/A | Azure CycleCloud 8.2.1 versions antérieures à 8.6.3 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Azure CycleCloud 8.4.0 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure Stack Hub versions ant\u00e9rieures \u00e0 1.2311.1.22",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.0.0 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.6.1 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure Linux 3.0 x64 versions ant\u00e9rieures \u00e0 2.06-14",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.4.1 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure Health Bot",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.6.0 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure Linux 3.0 ARM versions ant\u00e9rieures \u00e0 2.06-14",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "C SDK pour Azure IoT versions ant\u00e9rieures \u00e0 1.12.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.2.2 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.0.2 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure Connected Machine Agent versions ant\u00e9rieures \u00e0 1.44",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure IoT Hub Device Client SDK versions ant\u00e9rieures \u00e0 1.12.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.1.0 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.5.0 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.3.0 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.6.2 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.2.0 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.0.1 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.1.1 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.4.2 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure CycleCloud 8.2.1 versions ant\u00e9rieures \u00e0 8.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38108"
},
{
"name": "CVE-2022-2601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2601"
},
{
"name": "CVE-2024-38201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38201"
},
{
"name": "CVE-2024-38098",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38098"
},
{
"name": "CVE-2024-38158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38158"
},
{
"name": "CVE-2024-38195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38195"
},
{
"name": "CVE-2024-38162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38162"
},
{
"name": "CVE-2022-3775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3775"
},
{
"name": "CVE-2024-38109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38109"
},
{
"name": "CVE-2024-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38157"
}
],
"initial_release_date": "2024-08-14T00:00:00",
"last_revision_date": "2024-08-14T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0683",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-08-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Azure. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Azure",
"vendor_advisories": [
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure CVE-2024-38108",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38108"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure CVE-2022-2601",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-2601"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure CVE-2024-38098",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38098"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure CVE-2024-38201",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38201"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure CVE-2022-3775",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3775"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure CVE-2024-38109",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38109"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure CVE-2024-38195",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38195"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure CVE-2024-38162",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38162"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure CVE-2024-38157",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38157"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure CVE-2024-38158",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38158"
}
]
}
CERTFR-2024-AVI-0684
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | CBL Mariner 1.0 ARM versions antérieures à 2.06~rc1-10 | ||
| Microsoft | N/A | CBL Mariner 2.0 x64 versions antérieures à 2.06-10 | ||
| Microsoft | N/A | CBL Mariner 2.0 ARM versions antérieures à 2.06-10 | ||
| Microsoft | N/A | CBL Mariner 1.0 ARM versions antérieures à 2.06~rc1-9 | ||
| Microsoft | N/A | Microsoft Visual Studio 2022 version 17.6 antérieures à 17.6.18 | ||
| Microsoft | N/A | CBL Mariner 1.0 x64 versions antérieures à 2.06~rc1-9 | ||
| Microsoft | N/A | CBL Mariner 2.0 x64 versions antérieures à 2.06-8 | ||
| Microsoft | N/A | CBL Mariner 2.0 ARM versions antérieures à 2.06-8 | ||
| Microsoft | N/A | Microsoft Teams pour iOS versions antérieures à 7.13.0 | ||
| Microsoft | N/A | CBL Mariner 1.0 x64 versions antérieures à 2.06~rc1-10 | ||
| Microsoft | N/A | Microsoft Visual Studio 2022 version 17.10 antérieures à 17.10.6 | ||
| Microsoft | N/A | Microsoft Visual Studio 2022 version 17.8 antérieures à 17.8.13 | ||
| Microsoft | N/A | Microsoft Dynamics 365 (on-premises) version 9.1 antérieures à 1.31 | ||
| Microsoft | N/A | App Installer versions antérieures à 1.22.11261.0 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CBL Mariner 1.0 ARM versions ant\u00e9rieures \u00e0 2.06~rc1-10",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "CBL Mariner 2.0 x64 versions ant\u00e9rieures \u00e0 2.06-10",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "CBL Mariner 2.0 ARM versions ant\u00e9rieures \u00e0 2.06-10",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "CBL Mariner 1.0 ARM versions ant\u00e9rieures \u00e0 2.06~rc1-9",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.6 ant\u00e9rieures \u00e0 17.6.18",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "CBL Mariner 1.0 x64 versions ant\u00e9rieures \u00e0 2.06~rc1-9",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "CBL Mariner 2.0 x64 versions ant\u00e9rieures \u00e0 2.06-8",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "CBL Mariner 2.0 ARM versions ant\u00e9rieures \u00e0 2.06-8",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Teams pour iOS versions ant\u00e9rieures \u00e0 7.13.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "CBL Mariner 1.0 x64 versions ant\u00e9rieures \u00e0 2.06~rc1-10",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.10 ant\u00e9rieures \u00e0 17.10.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.8 ant\u00e9rieures \u00e0 17.8.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Dynamics 365 (on-premises) version 9.1 ant\u00e9rieures \u00e0 1.31",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "App Installer versions ant\u00e9rieures \u00e0 1.22.11261.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38167"
},
{
"name": "CVE-2024-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38211"
},
{
"name": "CVE-2024-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38197"
},
{
"name": "CVE-2022-2601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2601"
},
{
"name": "CVE-2024-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38177"
},
{
"name": "CVE-2024-38168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38168"
},
{
"name": "CVE-2022-3775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3775"
}
],
"initial_release_date": "2024-08-14T00:00:00",
"last_revision_date": "2024-08-14T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0684",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-08-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-3775",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3775"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-38177",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38177"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-38167",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38167"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-2601",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-2601"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-38168",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38168"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-38211",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38211"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-38197",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38197"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…