Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Mageia 9: MGASA-2024-0394 moderate: tomcat RCE and DoS threats

mageia
Calendar Grey December 21, 2024
Dist Mageia Esm H88
News regarding Mageia's tomcat distributions that mitigate RCE and DoS vulnerabilities. For thorough security advisory information and affected versions, refer to official communications.
RCE due to TOCTOU issue in JSP compilation

Summary

RCE due to TOCTOU issue in JSP compilation. (CVE-2024-50379) DoS in examples web application. (CVE-2024-54677)

References

- https://bugs.mageia.org/show_bug.cgi?id=33863

- https://www.openwall.com/lists/oss-security/2024/12/17/4

- https://www.openwall.com/lists/oss-security/2024/12/17/5

- https://www.openwall.com/lists/oss-security/2024/12/17/6

- https://www.cve.org/CVERecord?id=CVE-2024-50379

- https://www.cve.org/CVERecord?id=CVE-2024-54677

Topics%20covered

Topics Covered

security advisory security issue web application DoS tomcat RCE Mageia

Resolution

SRPMS

- 9/core/tomcat-9.0.98-1.mga9

Publication date: 21 Dec 2024
URL: https://advisories.mageia.org/MGASA-2024-0394.html
Type: security
CVE: CVE-2024-50379, CVE-2024-54677

Topics%20covered

Topics Covered

security advisory security issue web application DoS tomcat RCE Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here