Authd Security Update Advisory (CVE-2024-9312)

Oct 18 2024

Overview

An update has been released to address vulnerabilities in Authd. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-9312

Authd versions: ~ 0.3.6 (excluded)

Resolved Vulnerabilities

Insufficient randomization of user IDs to prevent collisions, which could allow local attackers to gain privileges by spoofing another user’s ID (CVE-2024-9312)

Vulnerability Patches

Vulnerability patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-9312

Authd version: 0.3.6

Referenced Sites

[1] CVE-2024-9312 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-9312

[2] Attacker-controlled usernames yield controllable UIDs

https://github.com/ubuntu/authd/security/advisories/GHSA-4gfw-wf7c-w6g2

Authd Security Update Advisory (CVE-2024-9312)

Google Chrome Browser (130.0.6723.58/.59) Security Update Advisory

Microsoft Edge browser (130.0.6723.59) version security update advisory

Tags:

Google Chrome Browser (130.0.6723.58/.59) Security Update Advisory

Microsoft Edge browser (130.0.6723.59) version security update advisory