ISHACK AI BOT

Gentoo Linux: CVE-2023-4911: glibc: Multiple vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/03/2023 Created 10/05/2023 Added 10/05/2023 Modified 01/30/2025 Description A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. Solution(s) gentoo-linux-upgrade-sys-libs-glibc References https://attackerkb.com/topics/cve-2023-4911 CVE - 2023-4911 202310-03

Rocky Linux: CVE-2023-4911: glibc (RLSA-2023-5455) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/03/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/30/2025 Description A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. Solution(s) rocky-upgrade-compat-libpthread-nonshared rocky-upgrade-glibc rocky-upgrade-glibc-all-langpacks rocky-upgrade-glibc-all-langpacks-debuginfo rocky-upgrade-glibc-benchtests rocky-upgrade-glibc-benchtests-debuginfo rocky-upgrade-glibc-common rocky-upgrade-glibc-common-debuginfo rocky-upgrade-glibc-debuginfo rocky-upgrade-glibc-debugsource rocky-upgrade-glibc-devel rocky-upgrade-glibc-gconv-extra rocky-upgrade-glibc-gconv-extra-debuginfo rocky-upgrade-glibc-headers rocky-upgrade-glibc-langpack-aa rocky-upgrade-glibc-langpack-af rocky-upgrade-glibc-langpack-agr rocky-upgrade-glibc-langpack-ak rocky-upgrade-glibc-langpack-am rocky-upgrade-glibc-langpack-an rocky-upgrade-glibc-langpack-anp rocky-upgrade-glibc-langpack-ar rocky-upgrade-glibc-langpack-as rocky-upgrade-glibc-langpack-ast rocky-upgrade-glibc-langpack-ayc rocky-upgrade-glibc-langpack-az rocky-upgrade-glibc-langpack-be rocky-upgrade-glibc-langpack-bem rocky-upgrade-glibc-langpack-ber rocky-upgrade-glibc-langpack-bg rocky-upgrade-glibc-langpack-bhb rocky-upgrade-glibc-langpack-bho rocky-upgrade-glibc-langpack-bi rocky-upgrade-glibc-langpack-bn rocky-upgrade-glibc-langpack-bo rocky-upgrade-glibc-langpack-br rocky-upgrade-glibc-langpack-brx rocky-upgrade-glibc-langpack-bs rocky-upgrade-glibc-langpack-byn rocky-upgrade-glibc-langpack-ca rocky-upgrade-glibc-langpack-ce rocky-upgrade-glibc-langpack-chr rocky-upgrade-glibc-langpack-cmn rocky-upgrade-glibc-langpack-crh rocky-upgrade-glibc-langpack-cs rocky-upgrade-glibc-langpack-csb rocky-upgrade-glibc-langpack-cv rocky-upgrade-glibc-langpack-cy rocky-upgrade-glibc-langpack-da rocky-upgrade-glibc-langpack-de rocky-upgrade-glibc-langpack-doi rocky-upgrade-glibc-langpack-dsb rocky-upgrade-glibc-langpack-dv rocky-upgrade-glibc-langpack-dz rocky-upgrade-glibc-langpack-el rocky-upgrade-glibc-langpack-en rocky-upgrade-glibc-langpack-eo rocky-upgrade-glibc-langpack-es rocky-upgrade-glibc-langpack-et rocky-upgrade-glibc-langpack-eu rocky-upgrade-glibc-langpack-fa rocky-upgrade-glibc-langpack-ff rocky-upgrade-glibc-langpack-fi rocky-upgrade-glibc-langpack-fil rocky-upgrade-glibc-langpack-fo rocky-upgrade-glibc-langpack-fr rocky-upgrade-glibc-langpack-fur rocky-upgrade-glibc-langpack-fy rocky-upgrade-glibc-langpack-ga rocky-upgrade-glibc-langpack-gd rocky-upgrade-glibc-langpack-gez rocky-upgrade-glibc-langpack-gl rocky-upgrade-glibc-langpack-gu rocky-upgrade-glibc-langpack-gv rocky-upgrade-glibc-langpack-ha rocky-upgrade-glibc-langpack-hak rocky-upgrade-glibc-langpack-he rocky-upgrade-glibc-langpack-hi rocky-upgrade-glibc-langpack-hif rocky-upgrade-glibc-langpack-hne rocky-upgrade-glibc-langpack-hr rocky-upgrade-glibc-langpack-hsb rocky-upgrade-glibc-langpack-ht rocky-upgrade-glibc-langpack-hu rocky-upgrade-glibc-langpack-hy rocky-upgrade-glibc-langpack-ia rocky-upgrade-glibc-langpack-id rocky-upgrade-glibc-langpack-ig rocky-upgrade-glibc-langpack-ik rocky-upgrade-glibc-langpack-is rocky-upgrade-glibc-langpack-it rocky-upgrade-glibc-langpack-iu rocky-upgrade-glibc-langpack-ja rocky-upgrade-glibc-langpack-ka rocky-upgrade-glibc-langpack-kab rocky-upgrade-glibc-langpack-kk rocky-upgrade-glibc-langpack-kl rocky-upgrade-glibc-langpack-km rocky-upgrade-glibc-langpack-kn rocky-upgrade-glibc-langpack-ko rocky-upgrade-glibc-langpack-kok rocky-upgrade-glibc-langpack-ks rocky-upgrade-glibc-langpack-ku rocky-upgrade-glibc-langpack-kw rocky-upgrade-glibc-langpack-ky rocky-upgrade-glibc-langpack-lb rocky-upgrade-glibc-langpack-lg rocky-upgrade-glibc-langpack-li rocky-upgrade-glibc-langpack-lij rocky-upgrade-glibc-langpack-ln rocky-upgrade-glibc-langpack-lo rocky-upgrade-glibc-langpack-lt rocky-upgrade-glibc-langpack-lv rocky-upgrade-glibc-langpack-lzh rocky-upgrade-glibc-langpack-mag rocky-upgrade-glibc-langpack-mai rocky-upgrade-glibc-langpack-mfe rocky-upgrade-glibc-langpack-mg rocky-upgrade-glibc-langpack-mhr rocky-upgrade-glibc-langpack-mi rocky-upgrade-glibc-langpack-miq rocky-upgrade-glibc-langpack-mjw rocky-upgrade-glibc-langpack-mk rocky-upgrade-glibc-langpack-ml rocky-upgrade-glibc-langpack-mn rocky-upgrade-glibc-langpack-mni rocky-upgrade-glibc-langpack-mr rocky-upgrade-glibc-langpack-ms rocky-upgrade-glibc-langpack-mt rocky-upgrade-glibc-langpack-my rocky-upgrade-glibc-langpack-nan rocky-upgrade-glibc-langpack-nb rocky-upgrade-glibc-langpack-nds rocky-upgrade-glibc-langpack-ne rocky-upgrade-glibc-langpack-nhn rocky-upgrade-glibc-langpack-niu rocky-upgrade-glibc-langpack-nl rocky-upgrade-glibc-langpack-nn rocky-upgrade-glibc-langpack-nr rocky-upgrade-glibc-langpack-nso rocky-upgrade-glibc-langpack-oc rocky-upgrade-glibc-langpack-om rocky-upgrade-glibc-langpack-or rocky-upgrade-glibc-langpack-os rocky-upgrade-glibc-langpack-pa rocky-upgrade-glibc-langpack-pap rocky-upgrade-glibc-langpack-pl rocky-upgrade-glibc-langpack-ps rocky-upgrade-glibc-langpack-pt rocky-upgrade-glibc-langpack-quz rocky-upgrade-glibc-langpack-raj rocky-upgrade-glibc-langpack-ro rocky-upgrade-glibc-langpack-ru rocky-upgrade-glibc-langpack-rw rocky-upgrade-glibc-langpack-sa rocky-upgrade-glibc-langpack-sah rocky-upgrade-glibc-langpack-sat rocky-upgrade-glibc-langpack-sc rocky-upgrade-glibc-langpack-sd rocky-upgrade-glibc-langpack-se rocky-upgrade-glibc-langpack-sgs rocky-upgrade-glibc-langpack-shn rocky-upgrade-glibc-langpack-shs rocky-upgrade-glibc-langpack-si rocky-upgrade-glibc-langpack-sid rocky-upgrade-glibc-langpack-sk rocky-upgrade-glibc-langpack-sl rocky-upgrade-glibc-langpack-sm rocky-upgrade-glibc-langpack-so rocky-upgrade-glibc-langpack-sq rocky-upgrade-glibc-langpack-sr rocky-upgrade-glibc-langpack-ss rocky-upgrade-glibc-langpack-st rocky-upgrade-glibc-langpack-sv rocky-upgrade-glibc-langpack-sw rocky-upgrade-glibc-langpack-szl rocky-upgrade-glibc-langpack-ta rocky-upgrade-glibc-langpack-tcy rocky-upgrade-glibc-langpack-te rocky-upgrade-glibc-langpack-tg rocky-upgrade-glibc-langpack-th rocky-upgrade-glibc-langpack-the rocky-upgrade-glibc-langpack-ti rocky-upgrade-glibc-langpack-tig rocky-upgrade-glibc-langpack-tk rocky-upgrade-glibc-langpack-tl rocky-upgrade-glibc-langpack-tn rocky-upgrade-glibc-langpack-to rocky-upgrade-glibc-langpack-tpi rocky-upgrade-glibc-langpack-tr rocky-upgrade-glibc-langpack-ts rocky-upgrade-glibc-langpack-tt rocky-upgrade-glibc-langpack-ug rocky-upgrade-glibc-langpack-uk rocky-upgrade-glibc-langpack-unm rocky-upgrade-glibc-langpack-ur rocky-upgrade-glibc-langpack-uz rocky-upgrade-glibc-langpack-ve rocky-upgrade-glibc-langpack-vi rocky-upgrade-glibc-langpack-wa rocky-upgrade-glibc-langpack-wae rocky-upgrade-glibc-langpack-wal rocky-upgrade-glibc-langpack-wo rocky-upgrade-glibc-langpack-xh rocky-upgrade-glibc-langpack-yi rocky-upgrade-glibc-langpack-yo rocky-upgrade-glibc-langpack-yue rocky-upgrade-glibc-langpack-yuw rocky-upgrade-glibc-langpack-zh rocky-upgrade-glibc-langpack-zu rocky-upgrade-glibc-locale-source rocky-upgrade-glibc-minimal-langpack rocky-upgrade-glibc-nss-devel rocky-upgrade-glibc-static rocky-upgrade-glibc-utils rocky-upgrade-glibc-utils-debuginfo rocky-upgrade-libnsl rocky-upgrade-libnsl-debuginfo rocky-upgrade-nscd rocky-upgrade-nscd-debuginfo rocky-upgrade-nss_db rocky-upgrade-nss_db-debuginfo rocky-upgrade-nss_hesiod rocky-upgrade-nss_hesiod-debuginfo References https://attackerkb.com/topics/cve-2023-4911 CVE - 2023-4911 https://errata.rockylinux.org/RLSA-2023:5455

Ubuntu: (Multiple Advisories) (CVE-2023-43788): libXpm vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/03/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system. Solution(s) ubuntu-pro-upgrade-libxpm4 References https://attackerkb.com/topics/cve-2023-43788 CVE - 2023-43788 USN-6408-1 USN-6408-2

Red Hat: CVE-2023-4732: kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 10/03/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-4732 RHSA-2023:6901 RHSA-2023:7077 RHSA-2023:7539 RHSA-2024:0412

FreeBSD: VID-E261E71C-6250-11EE-8E38-002590C1F29C (CVE-2023-5369): FreeBSD -- copy_file_range insufficient capability rights check Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:N) Published 10/03/2023 Created 10/05/2023 Added 10/04/2023 Modified 01/28/2025 Description Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively.Using an offset is logically equivalent to seeking, and the system call must additionally require the CAP_SEEK capability. This incorrect privilege check enabled sandboxed processes with only read or write but no seek capability on a file descriptor to read data from or write data to an arbitrary location within the file corresponding to that file descriptor. Solution(s) freebsd-upgrade-base-13_2-release-p4 References CVE-2023-5369

FreeBSD: VID-FEFCD340-624F-11EE-8E38-002590C1F29C (CVE-2023-5368): FreeBSD -- msdosfs data disclosure Severity 7 CVSS (AV:N/AC:L/Au:S/C:C/I:N/A:N) Published 10/03/2023 Created 10/05/2023 Added 10/04/2023 Modified 01/28/2025 Description On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes. This may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file). Solution(s) freebsd-upgrade-base-12_4-release-p6 freebsd-upgrade-base-13_2-release-p4 References CVE-2023-5368

FreeBSD: VID-162A675B-6251-11EE-8E38-002590C1F29C (CVE-2023-5370): FreeBSD -- arm64 boot CPUs may lack speculative execution protections Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:N) Published 10/03/2023 Created 10/05/2023 Added 10/04/2023 Modified 01/28/2025 Description On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized. This resulted in no speculative execution workarounds being installed on CPU 0. Solution(s) freebsd-upgrade-base-13_2-release-p4 References CVE-2023-5370

Huawei EulerOS: CVE-2023-5344: vim security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. Solution(s) huawei-euleros-2_0_sp11-upgrade-vim-common huawei-euleros-2_0_sp11-upgrade-vim-enhanced huawei-euleros-2_0_sp11-upgrade-vim-filesystem huawei-euleros-2_0_sp11-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-5344 CVE - 2023-5344 EulerOS-SA-2023-3288

OS X update for CoreMedia Playback (CVE-2023-5344) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Ubuntu: USN-6452-1 (CVE-2023-5344): Vim vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 10/27/2023 Added 10/27/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. Solution(s) ubuntu-pro-upgrade-vim ubuntu-pro-upgrade-vim-athena ubuntu-pro-upgrade-vim-gtk ubuntu-pro-upgrade-vim-gtk3 ubuntu-pro-upgrade-vim-nox ubuntu-pro-upgrade-vim-tiny ubuntu-pro-upgrade-xxd References https://attackerkb.com/topics/cve-2023-5344 CVE - 2023-5344 USN-6452-1

Ubuntu: USN-6492-1 (CVE-2023-3592): Mosquitto vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 11/23/2023 Added 11/22/2023 Modified 01/28/2025 Description In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types. Solution(s) ubuntu-pro-upgrade-mosquitto References https://attackerkb.com/topics/cve-2023-3592 CVE - 2023-3592 USN-6492-1

Amazon Linux AMI: CVE-2023-5344: Security patch for vim (ALAS-2023-1893) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 12/07/2023 Added 12/05/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. Solution(s) amazon-linux-upgrade-vim References ALAS-2023-1893 CVE-2023-5344

Oracle Linux: CVE-2023-5345: ELSA-2023-7749:kernel security update (IMPORTANT) (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/02/2023 Created 12/20/2023 Added 12/14/2023 Modified 01/07/2025 Description A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705. A flaw was found in the SMB client component in the Linux kernel. In case of an error in smb3_fs_context_parse_param, `ctx->password` was freed, but the field was not set to NULL, potentially leading to a use-after-free vulnerability. This flaw allows a local user to crash or potentially escalate their privileges on the system. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-5345 CVE - 2023-5345 ELSA-2023-7749 ELSA-2023-13047

Alma Linux: CVE-2023-43361: Moderate: vorbis-tools security update (ALSA-2024-3095) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/02/2023 Created 06/01/2024 Added 05/31/2024 Modified 01/28/2025 Description Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files. Solution(s) alma-upgrade-vorbis-tools References https://attackerkb.com/topics/cve-2023-43361 CVE - 2023-43361 https://errata.almalinux.org/8/ALSA-2024-3095.html

Gentoo Linux: CVE-2023-0809: Eclipse Mosquitto: Multiple Vulnerabilities Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 10/02/2023 Created 01/09/2024 Added 01/08/2024 Modified 01/28/2025 Description In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. Solution(s) gentoo-linux-upgrade-app-misc-mosquitto References https://attackerkb.com/topics/cve-2023-0809 CVE - 2023-0809 202401-09

OS X update for Transparency (CVE-2023-5344) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for IOUSBDeviceFamily (CVE-2023-5344) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for FileURL (CVE-2023-5344) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for DiskArbitration (CVE-2023-5344) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/02/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Amazon Linux 2023: CVE-2023-5344: Medium priority package update for vim Severity 5 CVSS (AV:L/AC:L/Au:N/C:P/I:P/A:P) Published 10/02/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. A heap-based buffer overflow vulnerability was found in Vim's trunc_string() function of the src/message.c file. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap-based buffer overflow that causes an application to crash, leading to a denial of service. Solution(s) amazon-linux-2023-upgrade-vim-common amazon-linux-2023-upgrade-vim-data amazon-linux-2023-upgrade-vim-debuginfo amazon-linux-2023-upgrade-vim-debugsource amazon-linux-2023-upgrade-vim-default-editor amazon-linux-2023-upgrade-vim-enhanced amazon-linux-2023-upgrade-vim-enhanced-debuginfo amazon-linux-2023-upgrade-vim-filesystem amazon-linux-2023-upgrade-vim-minimal amazon-linux-2023-upgrade-vim-minimal-debuginfo amazon-linux-2023-upgrade-xxd amazon-linux-2023-upgrade-xxd-debuginfo References https://attackerkb.com/topics/cve-2023-5344 CVE - 2023-5344 https://alas.aws.amazon.com/AL2023/ALAS-2023-378.html

Huawei EulerOS: CVE-2023-43804: python-pip security update Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:N) Published 10/04/2023 Created 10/10/2024 Added 10/09/2024 Modified 01/30/2025 Description urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn't disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5. Solution(s) huawei-euleros-2_0_sp12-upgrade-python-pip-wheel huawei-euleros-2_0_sp12-upgrade-python3-pip References https://attackerkb.com/topics/cve-2023-43804 CVE - 2023-43804 EulerOS-SA-2024-2540

Alpine Linux: CVE-2023-5371: Allocation of Resources Without Limits or Throttling Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 10/04/2023 Created 08/23/2024 Added 08/22/2024 Modified 01/28/2025 Description RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file Solution(s) alpine-linux-upgrade-wireshark References https://attackerkb.com/topics/cve-2023-5371 CVE - 2023-5371 https://security.alpinelinux.org/vuln/CVE-2023-5371

Oracle Linux: CVE-2023-43788: ELSA-2024-2146:libXpm security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 10/04/2023 Created 05/22/2024 Added 05/07/2024 Modified 01/07/2025 Description A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system. Solution(s) oracle-linux-upgrade-libxpm oracle-linux-upgrade-libxpm-devel oracle-linux-upgrade-motif oracle-linux-upgrade-motif-devel oracle-linux-upgrade-motif-static References https://attackerkb.com/topics/cve-2023-43788 CVE - 2023-43788 ELSA-2024-2146 ELSA-2024-2974 ELSA-2024-2217 ELSA-2024-3022

Atlassian Confluence: Privilege Escalation Vulnerability (CVE-2023-22515) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/04/2023 Created 10/04/2023 Added 10/04/2023 Modified 09/24/2024 Description Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. Solution(s) atlassian-confluence-upgrade-8_3_3 atlassian-confluence-upgrade-8_4_3 atlassian-confluence-upgrade-8_5_2 References https://attackerkb.com/topics/cve-2023-22515 CVE - 2023-22515

Ubuntu: (Multiple Advisories) (CVE-2023-43665): Django vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/04/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/28/2025 Description In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232. Solution(s) ubuntu-pro-upgrade-python3-django References https://attackerkb.com/topics/cve-2023-43665 CVE - 2023-43665 USN-6414-1 USN-6414-2