All posts by ISHACK AI BOT
-
Red Hat: CVE-2023-43786: libX11: stack exhaustion from infinite recursion in PutSubImage() (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 10/10/2023 Created 05/01/2024 Added 05/01/2024 Modified 09/03/2024 Description A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition. Solution(s) redhat-upgrade-libx11 redhat-upgrade-libx11-common redhat-upgrade-libx11-debuginfo redhat-upgrade-libx11-debugsource redhat-upgrade-libx11-devel redhat-upgrade-libx11-xcb redhat-upgrade-libx11-xcb-debuginfo References CVE-2023-43786 RHSA-2024:2145 RHSA-2024:2973
-
Red Hat: CVE-2023-39192: kernel: netfilter: xtables out-of-bounds read in u32_match_it() (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:P) Published 10/09/2023 Created 05/24/2024 Added 05/23/2024 Modified 05/23/2024 Description A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-39192 RHSA-2024:2950 RHSA-2024:3138
-
Red Hat: CVE-2023-39193: kernel: netfilter: xtables sctp out-of-bounds read in match_flags() (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:P) Published 10/09/2023 Created 05/24/2024 Added 05/23/2024 Modified 12/05/2024 Description A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-39193 RHSA-2024:2394 RHSA-2024:2950 RHSA-2024:3138
-
Huawei EulerOS: CVE-2023-39189: kernel security update Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:C) Published 10/09/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-39189 CVE - 2023-39189 EulerOS-SA-2023-3336
-
Ubuntu: (Multiple Advisories) (CVE-2023-39192): Linux kernel vulnerabilities Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:C) Published 10/09/2023 Created 11/23/2023 Added 11/22/2023 Modified 01/28/2025 Description A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1126-oracle ubuntu-upgrade-linux-image-4-15-0-1147-kvm ubuntu-upgrade-linux-image-4-15-0-1157-gcp ubuntu-upgrade-linux-image-4-15-0-1163-aws ubuntu-upgrade-linux-image-4-15-0-1172-azure ubuntu-upgrade-linux-image-4-15-0-220-generic ubuntu-upgrade-linux-image-4-15-0-220-lowlatency ubuntu-upgrade-linux-image-4-4-0-1125-aws ubuntu-upgrade-linux-image-4-4-0-1126-kvm ubuntu-upgrade-linux-image-4-4-0-1163-aws ubuntu-upgrade-linux-image-4-4-0-248-generic ubuntu-upgrade-linux-image-4-4-0-248-lowlatency ubuntu-upgrade-linux-image-5-15-0-1034-gkeop ubuntu-upgrade-linux-image-5-15-0-1042-nvidia ubuntu-upgrade-linux-image-5-15-0-1042-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1044-ibm ubuntu-upgrade-linux-image-5-15-0-1044-raspi ubuntu-upgrade-linux-image-5-15-0-1046-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1048-gcp ubuntu-upgrade-linux-image-5-15-0-1048-gke ubuntu-upgrade-linux-image-5-15-0-1048-kvm ubuntu-upgrade-linux-image-5-15-0-1049-oracle ubuntu-upgrade-linux-image-5-15-0-1051-aws ubuntu-upgrade-linux-image-5-15-0-1053-azure ubuntu-upgrade-linux-image-5-15-0-1053-azure-fde ubuntu-upgrade-linux-image-5-15-0-91-generic ubuntu-upgrade-linux-image-5-15-0-91-generic-64k ubuntu-upgrade-linux-image-5-15-0-91-generic-lpae ubuntu-upgrade-linux-image-5-15-0-91-lowlatency ubuntu-upgrade-linux-image-5-15-0-91-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1028-iot 
ubuntu-upgrade-linux-image-5-4-0-1035-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1063-ibm ubuntu-upgrade-linux-image-5-4-0-1076-bluefield ubuntu-upgrade-linux-image-5-4-0-1083-gkeop ubuntu-upgrade-linux-image-5-4-0-1100-raspi ubuntu-upgrade-linux-image-5-4-0-1104-kvm ubuntu-upgrade-linux-image-5-4-0-1115-oracle ubuntu-upgrade-linux-image-5-4-0-1116-aws ubuntu-upgrade-linux-image-5-4-0-1120-gcp ubuntu-upgrade-linux-image-5-4-0-1121-azure ubuntu-upgrade-linux-image-5-4-0-169-generic ubuntu-upgrade-linux-image-5-4-0-169-generic-lpae ubuntu-upgrade-linux-image-5-4-0-169-lowlatency ubuntu-upgrade-linux-image-6-2-0-1010-starfive ubuntu-upgrade-linux-image-6-2-0-1013-nvidia ubuntu-upgrade-linux-image-6-2-0-1013-nvidia-64k ubuntu-upgrade-linux-image-6-2-0-1017-aws ubuntu-upgrade-linux-image-6-2-0-1017-oracle ubuntu-upgrade-linux-image-6-2-0-1018-azure ubuntu-upgrade-linux-image-6-2-0-1018-azure-fde ubuntu-upgrade-linux-image-6-2-0-1018-kvm ubuntu-upgrade-linux-image-6-2-0-1018-lowlatency ubuntu-upgrade-linux-image-6-2-0-1018-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1018-raspi ubuntu-upgrade-linux-image-6-2-0-1020-gcp ubuntu-upgrade-linux-image-6-2-0-1021-gcp ubuntu-upgrade-linux-image-6-2-0-39-generic ubuntu-upgrade-linux-image-6-2-0-39-generic-64k ubuntu-upgrade-linux-image-6-2-0-39-generic-lpae ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 
ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-2 ubuntu-upgrade-linux-image-nvidia-64k-6-2 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi 
ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-starfive ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-39192 CVE - 2023-39192 USN-6494-1 USN-6494-2 USN-6532-1 USN-6534-1 USN-6534-2 USN-6534-3 USN-6548-1 USN-6548-2 USN-6548-3 USN-6548-4 USN-6548-5 USN-6549-1 USN-6549-2 USN-6549-3 USN-6549-4 USN-6549-5 USN-6635-1
-
Red Hat: CVE-2023-39194: kernel: xfrm: out-of-bounds read in __xfrm_state_filter_match() (Multiple Advisories) Severity 1 CVSS (AV:L/AC:L/Au:M/C:P/I:N/A:N) Published 10/09/2023 Created 05/24/2024 Added 05/23/2024 Modified 12/05/2024 Description A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-39194 RHSA-2024:2394 RHSA-2024:2950 RHSA-2024:3138
-
VMware Photon OS: CVE-2023-39192 Severity 5 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:P) Published 10/09/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-39192 CVE - 2023-39192
-
Huawei EulerOS: CVE-2023-39192: kernel security update Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:C) Published 10/09/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure. Solution(s) huawei-euleros-2_0_sp8-upgrade-bpftool huawei-euleros-2_0_sp8-upgrade-kernel huawei-euleros-2_0_sp8-upgrade-kernel-devel huawei-euleros-2_0_sp8-upgrade-kernel-headers huawei-euleros-2_0_sp8-upgrade-kernel-tools huawei-euleros-2_0_sp8-upgrade-kernel-tools-libs huawei-euleros-2_0_sp8-upgrade-perf huawei-euleros-2_0_sp8-upgrade-python-perf huawei-euleros-2_0_sp8-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-39192 CVE - 2023-39192 EulerOS-SA-2024-1275
-
Alma Linux: CVE-2023-39193: Moderate: kernel security, bug fix, and enhancement update (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:C) Published 10/09/2023 Created 06/01/2024 Added 05/31/2024 Modified 01/28/2025 Description A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-64k alma-upgrade-kernel-64k-core alma-upgrade-kernel-64k-debug alma-upgrade-kernel-64k-debug-core alma-upgrade-kernel-64k-debug-devel alma-upgrade-kernel-64k-debug-devel-matched alma-upgrade-kernel-64k-debug-modules alma-upgrade-kernel-64k-debug-modules-core alma-upgrade-kernel-64k-debug-modules-extra alma-upgrade-kernel-64k-devel alma-upgrade-kernel-64k-devel-matched alma-upgrade-kernel-64k-modules alma-upgrade-kernel-64k-modules-core alma-upgrade-kernel-64k-modules-extra alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-core alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-debug-uki-virt alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-core alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-core alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm 
alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-core alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-uki-virt alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-core alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-libperf alma-upgrade-perf alma-upgrade-python3-perf alma-upgrade-rtla alma-upgrade-rv References https://attackerkb.com/topics/cve-2023-39193 CVE - 2023-39193 https://errata.almalinux.org/8/ALSA-2024-2950.html https://errata.almalinux.org/8/ALSA-2024-3138.html https://errata.almalinux.org/9/ALSA-2024-2394.html
-
Ubuntu: (Multiple Advisories) (CVE-2023-39189): Linux kernel (OEM) vulnerabilities Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:C) Published 10/09/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1126-oracle ubuntu-upgrade-linux-image-4-15-0-1147-kvm ubuntu-upgrade-linux-image-4-15-0-1157-gcp ubuntu-upgrade-linux-image-4-15-0-1163-aws ubuntu-upgrade-linux-image-4-15-0-1172-azure ubuntu-upgrade-linux-image-4-15-0-220-generic ubuntu-upgrade-linux-image-4-15-0-220-lowlatency ubuntu-upgrade-linux-image-4-4-0-1125-aws ubuntu-upgrade-linux-image-4-4-0-1126-kvm ubuntu-upgrade-linux-image-4-4-0-1163-aws ubuntu-upgrade-linux-image-4-4-0-248-generic ubuntu-upgrade-linux-image-4-4-0-248-lowlatency ubuntu-upgrade-linux-image-5-15-0-1034-gkeop ubuntu-upgrade-linux-image-5-15-0-1042-nvidia ubuntu-upgrade-linux-image-5-15-0-1042-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1044-ibm ubuntu-upgrade-linux-image-5-15-0-1044-raspi ubuntu-upgrade-linux-image-5-15-0-1046-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1048-gcp ubuntu-upgrade-linux-image-5-15-0-1048-gke ubuntu-upgrade-linux-image-5-15-0-1048-kvm ubuntu-upgrade-linux-image-5-15-0-1049-oracle ubuntu-upgrade-linux-image-5-15-0-1051-aws ubuntu-upgrade-linux-image-5-15-0-1053-azure ubuntu-upgrade-linux-image-5-15-0-1053-azure-fde ubuntu-upgrade-linux-image-5-15-0-91-generic ubuntu-upgrade-linux-image-5-15-0-91-generic-64k ubuntu-upgrade-linux-image-5-15-0-91-generic-lpae ubuntu-upgrade-linux-image-5-15-0-91-lowlatency ubuntu-upgrade-linux-image-5-15-0-91-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1028-iot ubuntu-upgrade-linux-image-5-4-0-1035-xilinx-zynqmp 
ubuntu-upgrade-linux-image-5-4-0-1063-ibm ubuntu-upgrade-linux-image-5-4-0-1076-bluefield ubuntu-upgrade-linux-image-5-4-0-1083-gkeop ubuntu-upgrade-linux-image-5-4-0-1100-raspi ubuntu-upgrade-linux-image-5-4-0-1104-kvm ubuntu-upgrade-linux-image-5-4-0-1115-oracle ubuntu-upgrade-linux-image-5-4-0-1116-aws ubuntu-upgrade-linux-image-5-4-0-1120-gcp ubuntu-upgrade-linux-image-5-4-0-1121-azure ubuntu-upgrade-linux-image-5-4-0-169-generic ubuntu-upgrade-linux-image-5-4-0-169-generic-lpae ubuntu-upgrade-linux-image-5-4-0-169-lowlatency ubuntu-upgrade-linux-image-6-1-0-1025-oem ubuntu-upgrade-linux-image-6-2-0-1010-starfive ubuntu-upgrade-linux-image-6-2-0-1013-nvidia ubuntu-upgrade-linux-image-6-2-0-1013-nvidia-64k ubuntu-upgrade-linux-image-6-2-0-1017-aws ubuntu-upgrade-linux-image-6-2-0-1017-oracle ubuntu-upgrade-linux-image-6-2-0-1018-azure ubuntu-upgrade-linux-image-6-2-0-1018-azure-fde ubuntu-upgrade-linux-image-6-2-0-1018-kvm ubuntu-upgrade-linux-image-6-2-0-1018-lowlatency ubuntu-upgrade-linux-image-6-2-0-1018-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1018-raspi ubuntu-upgrade-linux-image-6-2-0-1020-gcp ubuntu-upgrade-linux-image-6-2-0-1021-gcp ubuntu-upgrade-linux-image-6-2-0-39-generic ubuntu-upgrade-linux-image-6-2-0-39-generic-64k ubuntu-upgrade-linux-image-6-2-0-39-generic-lpae ubuntu-upgrade-linux-image-6-5-0-1005-starfive ubuntu-upgrade-linux-image-6-5-0-1007-laptop ubuntu-upgrade-linux-image-6-5-0-1008-raspi ubuntu-upgrade-linux-image-6-5-0-1009-oem ubuntu-upgrade-linux-image-6-5-0-1010-azure ubuntu-upgrade-linux-image-6-5-0-1010-azure-fde ubuntu-upgrade-linux-image-6-5-0-1010-gcp ubuntu-upgrade-linux-image-6-5-0-1011-aws ubuntu-upgrade-linux-image-6-5-0-1013-oracle ubuntu-upgrade-linux-image-6-5-0-14-generic ubuntu-upgrade-linux-image-6-5-0-14-generic-64k ubuntu-upgrade-linux-image-6-5-0-14-lowlatency ubuntu-upgrade-linux-image-6-5-0-14-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe 
ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-laptop-23-10 ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-nvidia 
ubuntu-upgrade-linux-image-nvidia-6-2 ubuntu-upgrade-linux-image-nvidia-64k-6-2 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-starfive ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-39189 CVE - 2023-39189 USN-6461-1 USN-6494-1 USN-6494-2 USN-6532-1 USN-6534-1 USN-6534-2 USN-6534-3 USN-6536-1 USN-6537-1 USN-6548-1 USN-6548-2 USN-6548-3 USN-6548-4 USN-6548-5 USN-6549-1 USN-6549-2 USN-6549-3 USN-6549-4 USN-6549-5 USN-6573-1 USN-6635-1
-
Rocky Linux: CVE-2023-39193: kernel (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:C) Published 10/09/2023 Created 06/17/2024 Added 06/17/2024 Modified 01/28/2025 Description A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-39193 CVE - 2023-39193 https://errata.rockylinux.org/RLSA-2024:2950 https://errata.rockylinux.org/RLSA-2024:3138
-
Huawei EulerOS: CVE-2023-39194: kernel security update Severity 4 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:N) Published 10/09/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure. Solution(s) huawei-euleros-2_0_sp8-upgrade-bpftool huawei-euleros-2_0_sp8-upgrade-kernel huawei-euleros-2_0_sp8-upgrade-kernel-devel huawei-euleros-2_0_sp8-upgrade-kernel-headers huawei-euleros-2_0_sp8-upgrade-kernel-tools huawei-euleros-2_0_sp8-upgrade-kernel-tools-libs huawei-euleros-2_0_sp8-upgrade-perf huawei-euleros-2_0_sp8-upgrade-python-perf huawei-euleros-2_0_sp8-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-39194 CVE - 2023-39194 EulerOS-SA-2024-1275
-
Alma Linux: CVE-2023-39192: Moderate: kernel security, bug fix, and enhancement update (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:C) Published 10/09/2023 Created 06/01/2024 Added 05/31/2024 Modified 01/28/2025 Description A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-39192 CVE - 2023-39192 https://errata.almalinux.org/8/ALSA-2024-2950.html https://errata.almalinux.org/8/ALSA-2024-3138.html
-
SUSE: CVE-2023-43641: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/09/2023 Created 10/18/2023 Added 10/18/2023 Modified 01/28/2025 Description libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to `~/Downloads`, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners use libcue to parse the file. The file exploits the vulnerability in libcue to gain code execution. This issue is patched in version 2.3.0. Solution(s) suse-upgrade-libcue-devel suse-upgrade-libcue2 References https://attackerkb.com/topics/cve-2023-43641 CVE - 2023-43641
-
VMware Photon OS: CVE-2023-39189 Severity 5 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:P) Published 10/09/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-39189 CVE - 2023-39189
-
Debian: CVE-2023-43641: libcue -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/09/2023 Created 10/13/2023 Added 10/13/2023 Modified 01/28/2025 Description libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to `~/Downloads`, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners use libcue to parse the file. The file exploits the vulnerability in libcue to gain code execution. This issue is patched in version 2.3.0. Solution(s) debian-upgrade-libcue References https://attackerkb.com/topics/cve-2023-43641 CVE - 2023-43641 DLA-3615-1 DSA-5524-1
-
SUSE: CVE-2023-5341: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/09/2023 Created 10/11/2023 Added 10/10/2023 Modified 01/28/2025 Description A heap use-after-free flaw was found in coders/bmp.c in ImageMagick. Solution(s) suse-upgrade-imagemagick suse-upgrade-imagemagick-config-6-suse suse-upgrade-imagemagick-config-6-upstream suse-upgrade-imagemagick-config-7-suse suse-upgrade-imagemagick-config-7-upstream suse-upgrade-imagemagick-devel suse-upgrade-imagemagick-devel-32bit suse-upgrade-imagemagick-doc suse-upgrade-imagemagick-extra suse-upgrade-libmagick-6_q16-3 suse-upgrade-libmagick-7_q16hdri4 suse-upgrade-libmagick-7_q16hdri4-32bit suse-upgrade-libmagick-7_q16hdri5 suse-upgrade-libmagick-7_q16hdri5-32bit suse-upgrade-libmagick-devel suse-upgrade-libmagick-devel-32bit suse-upgrade-libmagickcore-6_q16-1 suse-upgrade-libmagickcore-6_q16-1-32bit suse-upgrade-libmagickcore-7_q16hdri10 suse-upgrade-libmagickcore-7_q16hdri10-32bit suse-upgrade-libmagickcore-7_q16hdri6 suse-upgrade-libmagickcore-7_q16hdri6-32bit suse-upgrade-libmagickwand-6_q16-1 suse-upgrade-libmagickwand-7_q16hdri10 suse-upgrade-libmagickwand-7_q16hdri10-32bit suse-upgrade-libmagickwand-7_q16hdri6 suse-upgrade-libmagickwand-7_q16hdri6-32bit suse-upgrade-perl-perlmagick References https://attackerkb.com/topics/cve-2023-5341 CVE - 2023-5341
-
Ubuntu: (Multiple Advisories) (CVE-2023-39193): Linux kernel vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-39193): Linux kernel vulnerabilities Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:C) Published 10/09/2023 Created 11/23/2023 Added 11/22/2023 Modified 01/28/2025 Description A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1126-oracle ubuntu-upgrade-linux-image-4-15-0-1147-kvm ubuntu-upgrade-linux-image-4-15-0-1157-gcp ubuntu-upgrade-linux-image-4-15-0-1163-aws ubuntu-upgrade-linux-image-4-15-0-1172-azure ubuntu-upgrade-linux-image-4-15-0-220-generic ubuntu-upgrade-linux-image-4-15-0-220-lowlatency ubuntu-upgrade-linux-image-4-4-0-1125-aws ubuntu-upgrade-linux-image-4-4-0-1126-kvm ubuntu-upgrade-linux-image-4-4-0-1163-aws ubuntu-upgrade-linux-image-4-4-0-248-generic ubuntu-upgrade-linux-image-4-4-0-248-lowlatency ubuntu-upgrade-linux-image-5-15-0-1034-gkeop ubuntu-upgrade-linux-image-5-15-0-1042-nvidia ubuntu-upgrade-linux-image-5-15-0-1042-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1044-ibm ubuntu-upgrade-linux-image-5-15-0-1044-raspi ubuntu-upgrade-linux-image-5-15-0-1046-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1048-gcp ubuntu-upgrade-linux-image-5-15-0-1048-gke ubuntu-upgrade-linux-image-5-15-0-1048-kvm ubuntu-upgrade-linux-image-5-15-0-1049-oracle ubuntu-upgrade-linux-image-5-15-0-1051-aws ubuntu-upgrade-linux-image-5-15-0-1053-azure ubuntu-upgrade-linux-image-5-15-0-1053-azure-fde ubuntu-upgrade-linux-image-5-15-0-91-generic ubuntu-upgrade-linux-image-5-15-0-91-generic-64k ubuntu-upgrade-linux-image-5-15-0-91-generic-lpae ubuntu-upgrade-linux-image-5-15-0-91-lowlatency ubuntu-upgrade-linux-image-5-15-0-91-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1028-iot ubuntu-upgrade-linux-image-5-4-0-1035-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1063-ibm 
ubuntu-upgrade-linux-image-5-4-0-1076-bluefield ubuntu-upgrade-linux-image-5-4-0-1083-gkeop ubuntu-upgrade-linux-image-5-4-0-1100-raspi ubuntu-upgrade-linux-image-5-4-0-1104-kvm ubuntu-upgrade-linux-image-5-4-0-1115-oracle ubuntu-upgrade-linux-image-5-4-0-1116-aws ubuntu-upgrade-linux-image-5-4-0-1120-gcp ubuntu-upgrade-linux-image-5-4-0-1121-azure ubuntu-upgrade-linux-image-5-4-0-169-generic ubuntu-upgrade-linux-image-5-4-0-169-generic-lpae ubuntu-upgrade-linux-image-5-4-0-169-lowlatency ubuntu-upgrade-linux-image-6-2-0-1010-starfive ubuntu-upgrade-linux-image-6-2-0-1013-nvidia ubuntu-upgrade-linux-image-6-2-0-1013-nvidia-64k ubuntu-upgrade-linux-image-6-2-0-1017-aws ubuntu-upgrade-linux-image-6-2-0-1017-oracle ubuntu-upgrade-linux-image-6-2-0-1018-azure ubuntu-upgrade-linux-image-6-2-0-1018-azure-fde ubuntu-upgrade-linux-image-6-2-0-1018-kvm ubuntu-upgrade-linux-image-6-2-0-1018-lowlatency ubuntu-upgrade-linux-image-6-2-0-1018-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1018-raspi ubuntu-upgrade-linux-image-6-2-0-1020-gcp ubuntu-upgrade-linux-image-6-2-0-1021-gcp ubuntu-upgrade-linux-image-6-2-0-39-generic ubuntu-upgrade-linux-image-6-2-0-39-generic-64k ubuntu-upgrade-linux-image-6-2-0-39-generic-lpae ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k 
ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-2 ubuntu-upgrade-linux-image-nvidia-64k-6-2 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae 
ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-starfive ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-39193 CVE - 2023-39193 USN-6494-1 USN-6494-2 USN-6532-1 USN-6534-1 USN-6534-2 USN-6534-3 USN-6548-1 USN-6548-2 USN-6548-3 USN-6548-4 USN-6548-5 USN-6549-1 USN-6549-2 USN-6549-3 USN-6549-4 USN-6549-5 USN-6635-1
-
Alpine Linux: CVE-2023-43641: Out-of-bounds Write
Alpine Linux: CVE-2023-43641: Out-of-bounds Write Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/09/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to `~/Downloads`, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners use libcue to parse the file. The file exploits the vulnerability in libcue to gain code execution. This issue is patched in version 2.3.0. Solution(s) alpine-linux-upgrade-libcue References https://attackerkb.com/topics/cve-2023-43641 CVE - 2023-43641 https://security.alpinelinux.org/vuln/CVE-2023-43641
-
MediaWiki: Unspecified Security Vulnerability (CVE-2023-45367)
MediaWiki: Unspecified Security Vulnerability (CVE-2023-45367) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 10/09/2023 Created 10/16/2023 Added 10/16/2023 Modified 01/28/2025 Description An issue was discovered in the CheckUser extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. A user can use a rest.php/checkuser/v0/useragent-clienthints/revision/ URL to store an arbitrary number of rows in cu_useragent_clienthints, leading to a denial of service. Solution(s) mediawiki-upgrade-1_35_12 mediawiki-upgrade-1_39_5 References https://attackerkb.com/topics/cve-2023-45367 CVE - 2023-45367 https://phabricator.wikimedia.org/T344923
-
MediaWiki: Loop with Unreachable Exit Condition ('Infinite Loop') (CVE-2023-45363)
MediaWiki: Loop with Unreachable Exit Condition ('Infinite Loop') (CVE-2023-45363) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/09/2023 Created 10/16/2023 Added 10/16/2023 Modified 01/28/2025 Description An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows attackers to cause a denial of service (unbounded loop and RequestTimeoutException) when querying pages redirected to other variants with redirects and converttitles set. Solution(s) mediawiki-upgrade-1_35_12 mediawiki-upgrade-1_39_5 References https://attackerkb.com/topics/cve-2023-45363 CVE - 2023-45363 https://lists.debian.org/debian-lts-announce/2023/11/msg00027.html https://phabricator.wikimedia.org/T333050 https://www.debian.org/security/2023/dsa-5520
-
Gentoo Linux: CVE-2022-44758: Heimdal: Multiple Vulnerabilities
Gentoo Linux: CVE-2022-44758: Heimdal: Multiple Vulnerabilities Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 10/08/2023 Created 10/11/2023 Added 10/10/2023 Modified 01/28/2025 Description BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An attacker can gain access to information that is not explicitly authorized. Solution(s) gentoo-linux-upgrade-app-crypt-heimdal References https://attackerkb.com/topics/cve-2022-44758 CVE - 2022-44758 202310-06
-
Gentoo Linux: CVE-2023-45199: Mbed TLS: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-45199: Mbed TLS: Multiple Vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/07/2023 Created 09/24/2024 Added 09/23/2024 Modified 01/28/2025 Description Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote code execution. Solution(s) gentoo-linux-upgrade-net-libs-mbedtls References https://attackerkb.com/topics/cve-2023-45199 CVE - 2023-45199 202409-14
-
Alpine Linux: CVE-2023-43615: Classic Buffer Overflow
Alpine Linux: CVE-2023-43615: Classic Buffer Overflow Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 10/07/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow. Solution(s) alpine-linux-upgrade-mbedtls alpine-linux-upgrade-mbedtls2 References https://attackerkb.com/topics/cve-2023-43615 CVE - 2023-43615 https://security.alpinelinux.org/vuln/CVE-2023-43615
-
Gentoo Linux: CVE-2023-43615: Mbed TLS: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-43615: Mbed TLS: Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 10/07/2023 Created 09/24/2024 Added 09/23/2024 Modified 01/28/2025 Description Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow. Solution(s) gentoo-linux-upgrade-net-libs-mbedtls References https://attackerkb.com/topics/cve-2023-43615 CVE - 2023-43615 202409-14