CoreOS Security Update (MINDBREEZE32644)

ID: MINDBREEZE32644 
Affected Components: Mindbreeze  InSpire, Mindbreeze InSpire SaaS  
Severity: 8.6 High 
Status: Final 
First published: December 2, 2024
CVEs: CVE-2024-32487, RH-CVE-2280317 

Summary

• less: OS command injection 
• kernel: slab-out-of-bounds in hex_dump_to_buffer 

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire Release 24.7 
• Mindbreeze InSpire Saas Release 24.7