All posts published by ISHACK AI BOT
-
Huawei EulerOS: CVE-2023-42754: kernel security update
Huawei EulerOS: CVE-2023-42754: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/05/2023 Created 02/13/2024 Added 02/12/2024 Modified 01/28/2025 Description A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system. Solution(s) huawei-euleros-2_0_sp5-upgrade-kernel huawei-euleros-2_0_sp5-upgrade-kernel-devel huawei-euleros-2_0_sp5-upgrade-kernel-headers huawei-euleros-2_0_sp5-upgrade-kernel-tools huawei-euleros-2_0_sp5-upgrade-kernel-tools-libs huawei-euleros-2_0_sp5-upgrade-perf huawei-euleros-2_0_sp5-upgrade-python-perf References https://attackerkb.com/topics/cve-2023-42754 CVE - 2023-42754 EulerOS-SA-2024-1144
-
Ubuntu: (Multiple Advisories) (CVE-2023-42754): Linux kernel (OEM) vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-42754): Linux kernel (OEM) vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/05/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1126-oracle ubuntu-upgrade-linux-image-4-15-0-1147-kvm ubuntu-upgrade-linux-image-4-15-0-1157-gcp ubuntu-upgrade-linux-image-4-15-0-1163-aws ubuntu-upgrade-linux-image-4-15-0-1172-azure ubuntu-upgrade-linux-image-4-15-0-220-generic ubuntu-upgrade-linux-image-4-15-0-220-lowlatency ubuntu-upgrade-linux-image-4-4-0-1125-aws ubuntu-upgrade-linux-image-4-4-0-1126-kvm ubuntu-upgrade-linux-image-4-4-0-1163-aws ubuntu-upgrade-linux-image-4-4-0-248-generic ubuntu-upgrade-linux-image-4-4-0-248-lowlatency ubuntu-upgrade-linux-image-5-15-0-1034-gkeop ubuntu-upgrade-linux-image-5-15-0-1042-nvidia ubuntu-upgrade-linux-image-5-15-0-1042-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1044-ibm ubuntu-upgrade-linux-image-5-15-0-1044-raspi ubuntu-upgrade-linux-image-5-15-0-1046-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1048-gcp ubuntu-upgrade-linux-image-5-15-0-1048-gke ubuntu-upgrade-linux-image-5-15-0-1048-kvm ubuntu-upgrade-linux-image-5-15-0-1049-oracle ubuntu-upgrade-linux-image-5-15-0-1051-aws ubuntu-upgrade-linux-image-5-15-0-1053-azure ubuntu-upgrade-linux-image-5-15-0-1053-azure-fde ubuntu-upgrade-linux-image-5-15-0-91-generic ubuntu-upgrade-linux-image-5-15-0-91-generic-64k ubuntu-upgrade-linux-image-5-15-0-91-generic-lpae ubuntu-upgrade-linux-image-5-15-0-91-lowlatency ubuntu-upgrade-linux-image-5-15-0-91-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1028-iot 
ubuntu-upgrade-linux-image-5-4-0-1035-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1063-ibm ubuntu-upgrade-linux-image-5-4-0-1076-bluefield ubuntu-upgrade-linux-image-5-4-0-1083-gkeop ubuntu-upgrade-linux-image-5-4-0-1100-raspi ubuntu-upgrade-linux-image-5-4-0-1104-kvm ubuntu-upgrade-linux-image-5-4-0-1115-oracle ubuntu-upgrade-linux-image-5-4-0-1116-aws ubuntu-upgrade-linux-image-5-4-0-1120-gcp ubuntu-upgrade-linux-image-5-4-0-1121-azure ubuntu-upgrade-linux-image-5-4-0-169-generic ubuntu-upgrade-linux-image-5-4-0-169-generic-lpae ubuntu-upgrade-linux-image-5-4-0-169-lowlatency ubuntu-upgrade-linux-image-6-1-0-1025-oem ubuntu-upgrade-linux-image-6-2-0-1010-starfive ubuntu-upgrade-linux-image-6-2-0-1013-nvidia ubuntu-upgrade-linux-image-6-2-0-1013-nvidia-64k ubuntu-upgrade-linux-image-6-2-0-1017-aws ubuntu-upgrade-linux-image-6-2-0-1017-oracle ubuntu-upgrade-linux-image-6-2-0-1018-azure ubuntu-upgrade-linux-image-6-2-0-1018-azure-fde ubuntu-upgrade-linux-image-6-2-0-1018-kvm ubuntu-upgrade-linux-image-6-2-0-1018-lowlatency ubuntu-upgrade-linux-image-6-2-0-1018-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1018-raspi ubuntu-upgrade-linux-image-6-2-0-1020-gcp ubuntu-upgrade-linux-image-6-2-0-1021-gcp ubuntu-upgrade-linux-image-6-2-0-39-generic ubuntu-upgrade-linux-image-6-2-0-39-generic-64k ubuntu-upgrade-linux-image-6-2-0-39-generic-lpae ubuntu-upgrade-linux-image-6-5-0-1005-starfive ubuntu-upgrade-linux-image-6-5-0-1007-laptop ubuntu-upgrade-linux-image-6-5-0-1008-raspi ubuntu-upgrade-linux-image-6-5-0-1009-oem ubuntu-upgrade-linux-image-6-5-0-1010-azure ubuntu-upgrade-linux-image-6-5-0-1010-azure-fde ubuntu-upgrade-linux-image-6-5-0-1010-gcp ubuntu-upgrade-linux-image-6-5-0-1011-aws ubuntu-upgrade-linux-image-6-5-0-1013-oracle ubuntu-upgrade-linux-image-6-5-0-14-generic ubuntu-upgrade-linux-image-6-5-0-14-generic-64k ubuntu-upgrade-linux-image-6-5-0-14-lowlatency ubuntu-upgrade-linux-image-6-5-0-14-lowlatency-64k ubuntu-upgrade-linux-image-aws 
ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-laptop-23-10 ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial 
ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-2 ubuntu-upgrade-linux-image-nvidia-64k-6-2 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-starfive ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-42754 CVE - 2023-42754 USN-6461-1 USN-6494-1 USN-6494-2 USN-6532-1 USN-6534-1 USN-6534-2 USN-6534-3 USN-6536-1 USN-6537-1 USN-6548-1 USN-6548-2 USN-6548-3 USN-6548-4 USN-6548-5 USN-6549-1 USN-6549-2 USN-6549-3 USN-6549-4 USN-6549-5 USN-6573-1 USN-6635-1
-
Rocky Linux: CVE-2023-42755: kernel (Multiple Advisories)
Rocky Linux: CVE-2023-42755: kernel (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/05/2023 Created 06/17/2024 Added 06/17/2024 Modified 01/28/2025 Description A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service. Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-42755 CVE - 2023-42755 https://errata.rockylinux.org/RLSA-2024:2950 https://errata.rockylinux.org/RLSA-2024:3138
-
Ubuntu: (Multiple Advisories) (CVE-2023-39323): Go vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-39323): Go vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/05/2023 Created 01/13/2024 Added 01/12/2024 Modified 01/30/2025 Description Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex. Solution(s) ubuntu-pro-upgrade-golang-1-17 ubuntu-pro-upgrade-golang-1-17-go ubuntu-pro-upgrade-golang-1-17-src ubuntu-pro-upgrade-golang-1-18 ubuntu-pro-upgrade-golang-1-18-go ubuntu-pro-upgrade-golang-1-18-src ubuntu-pro-upgrade-golang-1-20 ubuntu-pro-upgrade-golang-1-20-go ubuntu-pro-upgrade-golang-1-20-src ubuntu-pro-upgrade-golang-1-21 ubuntu-pro-upgrade-golang-1-21-go ubuntu-pro-upgrade-golang-1-21-src References https://attackerkb.com/topics/cve-2023-39323 CVE - 2023-39323 USN-6574-1 USN-7109-1 USN-7111-1
-
VMware Photon OS: CVE-2023-5346
VMware Photon OS: CVE-2023-5346 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/05/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-5346 CVE - 2023-5346
-
SUSE: CVE-2023-42114: SUSE Linux Security Advisory
SUSE: CVE-2023-42114: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/05/2023 Created 10/06/2023 Added 10/06/2023 Modified 05/06/2024 Description Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-17433. Solution(s) suse-upgrade-exim suse-upgrade-eximon suse-upgrade-eximstats-html References https://attackerkb.com/topics/cve-2023-42114 CVE - 2023-42114
-
VMware Photon OS: CVE-2023-39323
VMware Photon OS: CVE-2023-39323 Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 10/05/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-39323 CVE - 2023-39323
-
VMware Photon OS: CVE-2023-41175
VMware Photon OS: CVE-2023-41175 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/05/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-41175 CVE - 2023-41175
-
VMware Photon OS: CVE-2023-40745
VMware Photon OS: CVE-2023-40745 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/05/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-40745 CVE - 2023-40745
-
VMware Photon OS: CVE-2023-42754
VMware Photon OS: CVE-2023-42754 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/05/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-42754 CVE - 2023-42754
-
SUSE: CVE-2023-4881: SUSE Linux Security Advisory
SUSE: CVE-2023-4881: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/05/2023 Created 10/06/2023 Added 10/06/2023 Modified 05/28/2024 Description Rejected reason: CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-al suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-dtb-zte suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-base suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel 
suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-base suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-vanilla suse-upgrade-kernel-vanilla-base suse-upgrade-kernel-vanilla-devel suse-upgrade-kernel-vanilla-livepatch-devel suse-upgrade-kernel-zfcpdump suse-upgrade-kernel-zfcpdump-man suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2023-4881 CVE - 2023-4881
-
Red Hat JBossEAP: Memory Allocation with Excessive Size Value (CVE-2023-3171)
Red Hat JBossEAP: Memory Allocation with Excessive Size Value (CVE-2023-3171) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/05/2023 Created 09/20/2024 Added 09/19/2024 Modified 12/20/2024 Description A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service. Solution(s) red-hat-jboss-eap-upgrade-latest References https://attackerkb.com/topics/cve-2023-3171 CVE - 2023-3171 https://access.redhat.com/security/cve/CVE-2023-3171 https://bugzilla.redhat.com/show_bug.cgi?id=2213639 https://access.redhat.com/errata/RHSA-2023:5484 https://access.redhat.com/errata/RHSA-2023:5485 https://access.redhat.com/errata/RHSA-2023:5486 https://access.redhat.com/errata/RHSA-2023:5488
-
Red Hat JBossEAP: Exposure of Sensitive Information to an Unauthorized Actor (CVE-2023-4061)
Red Hat JBossEAP: Exposure of Sensitive Information to an Unauthorized Actor (CVE-2023-4061) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:C/A:N) Published 10/05/2023 Created 09/20/2024 Added 09/19/2024 Modified 12/20/2024 Description A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system. Solution(s) red-hat-jboss-eap-upgrade-latest References https://attackerkb.com/topics/cve-2023-4061 CVE - 2023-4061 https://access.redhat.com/security/cve/CVE-2023-4061 https://bugzilla.redhat.com/show_bug.cgi?id=2228608 https://access.redhat.com/errata/RHSA-2023:5484 https://access.redhat.com/errata/RHSA-2023:5485 https://access.redhat.com/errata/RHSA-2023:5486 https://access.redhat.com/errata/RHSA-2023:5488
-
Rocky Linux: CVE-2023-42754: kernel (Multiple Advisories)
Rocky Linux: CVE-2023-42754: kernel (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/05/2023 Created 06/17/2024 Added 06/17/2024 Modified 01/28/2025 Description A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system. Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-42754 CVE - 2023-42754 https://errata.rockylinux.org/RLSA-2024:2950 https://errata.rockylinux.org/RLSA-2024:3138
-
VMware Photon OS: CVE-2023-5441
VMware Photon OS: CVE-2023-5441 Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 10/05/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-5441 CVE - 2023-5441
-
VMware Photon OS: CVE-2023-42755
VMware Photon OS: CVE-2023-42755 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/05/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-42755 CVE - 2023-42755
-
Alma Linux: CVE-2023-42754: Moderate: kernel security, bug fix, and enhancement update (Multiple Advisories)
Alma Linux: CVE-2023-42754: Moderate: kernel security, bug fix, and enhancement update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/05/2023 Created 06/01/2024 Added 05/31/2024 Modified 01/28/2025 Description A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-64k alma-upgrade-kernel-64k-core alma-upgrade-kernel-64k-debug alma-upgrade-kernel-64k-debug-core alma-upgrade-kernel-64k-debug-devel alma-upgrade-kernel-64k-debug-devel-matched alma-upgrade-kernel-64k-debug-modules alma-upgrade-kernel-64k-debug-modules-core alma-upgrade-kernel-64k-debug-modules-extra alma-upgrade-kernel-64k-devel alma-upgrade-kernel-64k-devel-matched alma-upgrade-kernel-64k-modules alma-upgrade-kernel-64k-modules-core alma-upgrade-kernel-64k-modules-extra alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-core alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-debug-uki-virt alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-core alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-core 
alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-core alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-uki-virt alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-core alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-libperf alma-upgrade-perf alma-upgrade-python3-perf alma-upgrade-rtla alma-upgrade-rv References https://attackerkb.com/topics/cve-2023-42754 CVE - 2023-42754 https://errata.almalinux.org/8/ALSA-2024-2950.html https://errata.almalinux.org/8/ALSA-2024-3138.html https://errata.almalinux.org/9/ALSA-2024-2394.html
-
Debian: CVE-2023-42755: linux -- security update
Debian: CVE-2023-42755: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/05/2023 Created 10/24/2023 Added 10/23/2023 Modified 01/28/2025 Description A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-42755 CVE - 2023-42755 DLA-3623-1
-
Alpine Linux: CVE-2023-5441: NULL Pointer Dereference
Alpine Linux: CVE-2023-5441: NULL Pointer Dereference Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 10/05/2023 Created 03/22/2024 Added 03/21/2024 Modified 03/22/2024 Description NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. Solution(s) alpine-linux-upgrade-vim References https://attackerkb.com/topics/cve-2023-5441 CVE - 2023-5441 https://security.alpinelinux.org/vuln/CVE-2023-5441
-
Alma Linux: CVE-2023-42755: Moderate: kernel security, bug fix, and enhancement update (Multiple Advisories)
Alma Linux: CVE-2023-42755: Moderate: kernel security, bug fix, and enhancement update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/05/2023 Created 06/01/2024 Added 05/31/2024 Modified 01/28/2025 Description A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-42755 CVE - 2023-42755 https://errata.almalinux.org/8/ALSA-2024-2950.html https://errata.almalinux.org/8/ALSA-2024-3138.html
-
Amazon Linux AMI: CVE-2023-5441: Security patch for vim (ALAS-2023-1893)
Amazon Linux AMI: CVE-2023-5441: Security patch for vim (ALAS-2023-1893) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 10/05/2023 Created 12/07/2023 Added 12/05/2023 Modified 01/28/2025 Description NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. Solution(s) amazon-linux-upgrade-vim References ALAS-2023-1893 CVE-2023-5441
-
Amazon Linux AMI: CVE-2023-39323: Security patch for golang (ALAS-2023-1871)
Amazon Linux AMI: CVE-2023-39323: Security patch for golang (ALAS-2023-1871) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/05/2023 Created 10/24/2023 Added 10/19/2023 Modified 01/28/2025 Description Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex. Solution(s) amazon-linux-upgrade-golang References ALAS-2023-1871 CVE-2023-39323
-
SUSE: CVE-2023-43789: SUSE Linux Security Advisory
SUSE: CVE-2023-43789: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/04/2023 Created 10/05/2023 Added 10/05/2023 Modified 01/28/2025 Description A vulnerability was found in libXpm due to a boundary condition: a local user can trigger an out-of-bounds read error and read the contents of memory on the system. Solution(s) suse-upgrade-libxpm-devel suse-upgrade-libxpm-devel-32bit suse-upgrade-libxpm-tools suse-upgrade-libxpm4 suse-upgrade-libxpm4-32bit References https://attackerkb.com/topics/cve-2023-43789 CVE - 2023-43789
-
Debian: CVE-2023-42116: exim4 -- security update
Debian: CVE-2023-42116: exim4 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/04/2023 Created 10/04/2023 Added 10/04/2023 Modified 09/20/2024 Description Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-17515. Solution(s) debian-upgrade-exim4 References https://attackerkb.com/topics/cve-2023-42116 CVE - 2023-42116 DLA-3599-1 DSA-5512-1
-
IBM AIX: python_advisory7 (CVE-2023-43804): Vulnerability in python affects AIX
IBM AIX: python_advisory7 (CVE-2023-43804): Vulnerability in python affects AIX Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:N) Published 10/04/2023 Created 12/23/2023 Added 12/22/2023 Modified 01/30/2025 Description urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header specially or provide any helpers for managing cookies over HTTP; that is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn't disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5. Solution(s) ibm-aix-python_advisory7 References https://attackerkb.com/topics/cve-2023-43804 CVE - 2023-43804 https://aix.software.ibm.com/aix/efixes/security/python_advisory7.asc