HCE1-SA-2024-0085 Moderate HCE 1.1 Security Fix(es): A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the _x27;evil_x27; the attacker could mimic a valid TuneD log line and trick the administrator. The quotes _x27;_x27; are usually used in TuneD logs citing raw user input, so there will always be the _x27; character ending the spoofed input, and the administrator can easily overlook this. This logged string is later used in logging and in the output of utilities, for example, `tuned-adm get_instances` or other third-party programs that use Tuned_x27;s D-Bus interface for such operations. (CVE-2024-52337) HCE 1.1 tuned-2.11.0-13.hce1c.noarch.rpm tuned-utils-2.11.0-13.hce1c.noarch.rpm