All posts by ISHACK AI BOT
-
VMware Photon OS: CVE-2023-5156
Severity 8
CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published 09/25/2023
Created 01/21/2025
Added 01/20/2025
Modified 02/04/2025
Description
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
Solution(s)
vmware-photon_os_update_tdnf
References
https://attackerkb.com/topics/cve-2023-5156
CVE - 2023-5156
-
Amazon Linux 2023: CVE-2023-5156: Low priority package update for glibc
Severity 8
CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published 09/25/2023
Created 02/14/2025
Added 02/14/2025
Modified 02/14/2025
Description
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
Solution(s)
amazon-linux-2023-upgrade-compat-libpthread-nonshared amazon-linux-2023-upgrade-glibc amazon-linux-2023-upgrade-glibc-all-langpacks amazon-linux-2023-upgrade-glibc-benchtests amazon-linux-2023-upgrade-glibc-benchtests-debuginfo amazon-linux-2023-upgrade-glibc-common amazon-linux-2023-upgrade-glibc-common-debuginfo amazon-linux-2023-upgrade-glibc-debuginfo amazon-linux-2023-upgrade-glibc-debugsource amazon-linux-2023-upgrade-glibc-devel amazon-linux-2023-upgrade-glibc-doc amazon-linux-2023-upgrade-glibc-gconv-extra amazon-linux-2023-upgrade-glibc-gconv-extra-debuginfo amazon-linux-2023-upgrade-glibc-headers-x86 amazon-linux-2023-upgrade-glibc-langpack-aa amazon-linux-2023-upgrade-glibc-langpack-af amazon-linux-2023-upgrade-glibc-langpack-agr amazon-linux-2023-upgrade-glibc-langpack-ak amazon-linux-2023-upgrade-glibc-langpack-am amazon-linux-2023-upgrade-glibc-langpack-an amazon-linux-2023-upgrade-glibc-langpack-anp amazon-linux-2023-upgrade-glibc-langpack-ar amazon-linux-2023-upgrade-glibc-langpack-as amazon-linux-2023-upgrade-glibc-langpack-ast amazon-linux-2023-upgrade-glibc-langpack-ayc amazon-linux-2023-upgrade-glibc-langpack-az amazon-linux-2023-upgrade-glibc-langpack-be amazon-linux-2023-upgrade-glibc-langpack-bem amazon-linux-2023-upgrade-glibc-langpack-ber amazon-linux-2023-upgrade-glibc-langpack-bg amazon-linux-2023-upgrade-glibc-langpack-bhb amazon-linux-2023-upgrade-glibc-langpack-bho amazon-linux-2023-upgrade-glibc-langpack-bi amazon-linux-2023-upgrade-glibc-langpack-bn amazon-linux-2023-upgrade-glibc-langpack-bo amazon-linux-2023-upgrade-glibc-langpack-br
amazon-linux-2023-upgrade-glibc-langpack-brx amazon-linux-2023-upgrade-glibc-langpack-bs amazon-linux-2023-upgrade-glibc-langpack-byn amazon-linux-2023-upgrade-glibc-langpack-ca amazon-linux-2023-upgrade-glibc-langpack-ce amazon-linux-2023-upgrade-glibc-langpack-chr amazon-linux-2023-upgrade-glibc-langpack-ckb amazon-linux-2023-upgrade-glibc-langpack-cmn amazon-linux-2023-upgrade-glibc-langpack-crh amazon-linux-2023-upgrade-glibc-langpack-cs amazon-linux-2023-upgrade-glibc-langpack-csb amazon-linux-2023-upgrade-glibc-langpack-cv amazon-linux-2023-upgrade-glibc-langpack-cy amazon-linux-2023-upgrade-glibc-langpack-da amazon-linux-2023-upgrade-glibc-langpack-de amazon-linux-2023-upgrade-glibc-langpack-doi amazon-linux-2023-upgrade-glibc-langpack-dsb amazon-linux-2023-upgrade-glibc-langpack-dv amazon-linux-2023-upgrade-glibc-langpack-dz amazon-linux-2023-upgrade-glibc-langpack-el amazon-linux-2023-upgrade-glibc-langpack-en amazon-linux-2023-upgrade-glibc-langpack-eo amazon-linux-2023-upgrade-glibc-langpack-es amazon-linux-2023-upgrade-glibc-langpack-et amazon-linux-2023-upgrade-glibc-langpack-eu amazon-linux-2023-upgrade-glibc-langpack-fa amazon-linux-2023-upgrade-glibc-langpack-ff amazon-linux-2023-upgrade-glibc-langpack-fi amazon-linux-2023-upgrade-glibc-langpack-fil amazon-linux-2023-upgrade-glibc-langpack-fo amazon-linux-2023-upgrade-glibc-langpack-fr amazon-linux-2023-upgrade-glibc-langpack-fur amazon-linux-2023-upgrade-glibc-langpack-fy amazon-linux-2023-upgrade-glibc-langpack-ga amazon-linux-2023-upgrade-glibc-langpack-gd amazon-linux-2023-upgrade-glibc-langpack-gez amazon-linux-2023-upgrade-glibc-langpack-gl amazon-linux-2023-upgrade-glibc-langpack-gu amazon-linux-2023-upgrade-glibc-langpack-gv amazon-linux-2023-upgrade-glibc-langpack-ha amazon-linux-2023-upgrade-glibc-langpack-hak amazon-linux-2023-upgrade-glibc-langpack-he amazon-linux-2023-upgrade-glibc-langpack-hi amazon-linux-2023-upgrade-glibc-langpack-hif amazon-linux-2023-upgrade-glibc-langpack-hne 
amazon-linux-2023-upgrade-glibc-langpack-hr amazon-linux-2023-upgrade-glibc-langpack-hsb amazon-linux-2023-upgrade-glibc-langpack-ht amazon-linux-2023-upgrade-glibc-langpack-hu amazon-linux-2023-upgrade-glibc-langpack-hy amazon-linux-2023-upgrade-glibc-langpack-ia amazon-linux-2023-upgrade-glibc-langpack-id amazon-linux-2023-upgrade-glibc-langpack-ig amazon-linux-2023-upgrade-glibc-langpack-ik amazon-linux-2023-upgrade-glibc-langpack-is amazon-linux-2023-upgrade-glibc-langpack-it amazon-linux-2023-upgrade-glibc-langpack-iu amazon-linux-2023-upgrade-glibc-langpack-ja amazon-linux-2023-upgrade-glibc-langpack-ka amazon-linux-2023-upgrade-glibc-langpack-kab amazon-linux-2023-upgrade-glibc-langpack-kk amazon-linux-2023-upgrade-glibc-langpack-kl amazon-linux-2023-upgrade-glibc-langpack-km amazon-linux-2023-upgrade-glibc-langpack-kn amazon-linux-2023-upgrade-glibc-langpack-ko amazon-linux-2023-upgrade-glibc-langpack-kok amazon-linux-2023-upgrade-glibc-langpack-ks amazon-linux-2023-upgrade-glibc-langpack-ku amazon-linux-2023-upgrade-glibc-langpack-kw amazon-linux-2023-upgrade-glibc-langpack-ky amazon-linux-2023-upgrade-glibc-langpack-lb amazon-linux-2023-upgrade-glibc-langpack-lg amazon-linux-2023-upgrade-glibc-langpack-li amazon-linux-2023-upgrade-glibc-langpack-lij amazon-linux-2023-upgrade-glibc-langpack-ln amazon-linux-2023-upgrade-glibc-langpack-lo amazon-linux-2023-upgrade-glibc-langpack-lt amazon-linux-2023-upgrade-glibc-langpack-lv amazon-linux-2023-upgrade-glibc-langpack-lzh amazon-linux-2023-upgrade-glibc-langpack-mag amazon-linux-2023-upgrade-glibc-langpack-mai amazon-linux-2023-upgrade-glibc-langpack-mfe amazon-linux-2023-upgrade-glibc-langpack-mg amazon-linux-2023-upgrade-glibc-langpack-mhr amazon-linux-2023-upgrade-glibc-langpack-mi amazon-linux-2023-upgrade-glibc-langpack-miq amazon-linux-2023-upgrade-glibc-langpack-mjw amazon-linux-2023-upgrade-glibc-langpack-mk amazon-linux-2023-upgrade-glibc-langpack-ml amazon-linux-2023-upgrade-glibc-langpack-mn 
amazon-linux-2023-upgrade-glibc-langpack-mni amazon-linux-2023-upgrade-glibc-langpack-mnw amazon-linux-2023-upgrade-glibc-langpack-mr amazon-linux-2023-upgrade-glibc-langpack-ms amazon-linux-2023-upgrade-glibc-langpack-mt amazon-linux-2023-upgrade-glibc-langpack-my amazon-linux-2023-upgrade-glibc-langpack-nan amazon-linux-2023-upgrade-glibc-langpack-nb amazon-linux-2023-upgrade-glibc-langpack-nds amazon-linux-2023-upgrade-glibc-langpack-ne amazon-linux-2023-upgrade-glibc-langpack-nhn amazon-linux-2023-upgrade-glibc-langpack-niu amazon-linux-2023-upgrade-glibc-langpack-nl amazon-linux-2023-upgrade-glibc-langpack-nn amazon-linux-2023-upgrade-glibc-langpack-nr amazon-linux-2023-upgrade-glibc-langpack-nso amazon-linux-2023-upgrade-glibc-langpack-oc amazon-linux-2023-upgrade-glibc-langpack-om amazon-linux-2023-upgrade-glibc-langpack-or amazon-linux-2023-upgrade-glibc-langpack-os amazon-linux-2023-upgrade-glibc-langpack-pa amazon-linux-2023-upgrade-glibc-langpack-pap amazon-linux-2023-upgrade-glibc-langpack-pl amazon-linux-2023-upgrade-glibc-langpack-ps amazon-linux-2023-upgrade-glibc-langpack-pt amazon-linux-2023-upgrade-glibc-langpack-quz amazon-linux-2023-upgrade-glibc-langpack-raj amazon-linux-2023-upgrade-glibc-langpack-ro amazon-linux-2023-upgrade-glibc-langpack-ru amazon-linux-2023-upgrade-glibc-langpack-rw amazon-linux-2023-upgrade-glibc-langpack-sa amazon-linux-2023-upgrade-glibc-langpack-sah amazon-linux-2023-upgrade-glibc-langpack-sat amazon-linux-2023-upgrade-glibc-langpack-sc amazon-linux-2023-upgrade-glibc-langpack-sd amazon-linux-2023-upgrade-glibc-langpack-se amazon-linux-2023-upgrade-glibc-langpack-sgs amazon-linux-2023-upgrade-glibc-langpack-shn amazon-linux-2023-upgrade-glibc-langpack-shs amazon-linux-2023-upgrade-glibc-langpack-si amazon-linux-2023-upgrade-glibc-langpack-sid amazon-linux-2023-upgrade-glibc-langpack-sk amazon-linux-2023-upgrade-glibc-langpack-sl amazon-linux-2023-upgrade-glibc-langpack-sm amazon-linux-2023-upgrade-glibc-langpack-so 
amazon-linux-2023-upgrade-glibc-langpack-sq amazon-linux-2023-upgrade-glibc-langpack-sr amazon-linux-2023-upgrade-glibc-langpack-ss amazon-linux-2023-upgrade-glibc-langpack-st amazon-linux-2023-upgrade-glibc-langpack-sv amazon-linux-2023-upgrade-glibc-langpack-sw amazon-linux-2023-upgrade-glibc-langpack-szl amazon-linux-2023-upgrade-glibc-langpack-ta amazon-linux-2023-upgrade-glibc-langpack-tcy amazon-linux-2023-upgrade-glibc-langpack-te amazon-linux-2023-upgrade-glibc-langpack-tg amazon-linux-2023-upgrade-glibc-langpack-th amazon-linux-2023-upgrade-glibc-langpack-the amazon-linux-2023-upgrade-glibc-langpack-ti amazon-linux-2023-upgrade-glibc-langpack-tig amazon-linux-2023-upgrade-glibc-langpack-tk amazon-linux-2023-upgrade-glibc-langpack-tl amazon-linux-2023-upgrade-glibc-langpack-tn amazon-linux-2023-upgrade-glibc-langpack-to amazon-linux-2023-upgrade-glibc-langpack-tpi amazon-linux-2023-upgrade-glibc-langpack-tr amazon-linux-2023-upgrade-glibc-langpack-ts amazon-linux-2023-upgrade-glibc-langpack-tt amazon-linux-2023-upgrade-glibc-langpack-ug amazon-linux-2023-upgrade-glibc-langpack-uk amazon-linux-2023-upgrade-glibc-langpack-unm amazon-linux-2023-upgrade-glibc-langpack-ur amazon-linux-2023-upgrade-glibc-langpack-uz amazon-linux-2023-upgrade-glibc-langpack-ve amazon-linux-2023-upgrade-glibc-langpack-vi amazon-linux-2023-upgrade-glibc-langpack-wa amazon-linux-2023-upgrade-glibc-langpack-wae amazon-linux-2023-upgrade-glibc-langpack-wal amazon-linux-2023-upgrade-glibc-langpack-wo amazon-linux-2023-upgrade-glibc-langpack-xh amazon-linux-2023-upgrade-glibc-langpack-yi amazon-linux-2023-upgrade-glibc-langpack-yo amazon-linux-2023-upgrade-glibc-langpack-yue amazon-linux-2023-upgrade-glibc-langpack-yuw amazon-linux-2023-upgrade-glibc-langpack-zh amazon-linux-2023-upgrade-glibc-langpack-zu amazon-linux-2023-upgrade-glibc-locale-source amazon-linux-2023-upgrade-glibc-minimal-langpack amazon-linux-2023-upgrade-glibc-nss-devel amazon-linux-2023-upgrade-glibc-static 
amazon-linux-2023-upgrade-glibc-utils amazon-linux-2023-upgrade-glibc-utils-debuginfo amazon-linux-2023-upgrade-libnsl amazon-linux-2023-upgrade-libnsl-debuginfo amazon-linux-2023-upgrade-nscd amazon-linux-2023-upgrade-nscd-debuginfo amazon-linux-2023-upgrade-nss-db amazon-linux-2023-upgrade-nss-db-debuginfo amazon-linux-2023-upgrade-nss-hesiod amazon-linux-2023-upgrade-nss-hesiod-debuginfo amazon-linux-2023-upgrade-sysroot-aarch64-fc34-glibc amazon-linux-2023-upgrade-sysroot-x86-64-fc34-glibc
References
https://attackerkb.com/topics/cve-2023-5156
CVE - 2023-5156
https://alas.aws.amazon.com/AL2023/ALAS-2023-407.html
-
Huawei EulerOS: CVE-2023-42753: kernel security update
Severity 7
CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published 09/25/2023
Created 01/11/2024
Added 01/10/2024
Modified 01/28/2025
Description
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.
Solution(s)
huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs huawei-euleros-2_0_sp10-upgrade-python3-perf
References
https://attackerkb.com/topics/cve-2023-42753
CVE - 2023-42753
EulerOS-SA-2023-3217
-
Rocky Linux: CVE-2023-42753: kernel-rt (RLSA-2024-0134)
Severity 7
CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published 09/25/2023
Created 03/07/2024
Added 03/05/2024
Modified 01/28/2025
Description
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.
Solution(s)
rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra
References
https://attackerkb.com/topics/cve-2023-42753
CVE - 2023-42753
https://errata.rockylinux.org/RLSA-2024:0134
-
Rocky Linux: CVE-2023-5129: libwebp (Multiple Advisories)
Severity 4
CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published 09/25/2023
Created 03/07/2024
Added 03/05/2024
Modified 08/28/2024
Description
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863.
Solution(s)
rocky-upgrade-libwebp rocky-upgrade-libwebp-debuginfo rocky-upgrade-libwebp-debugsource rocky-upgrade-libwebp-devel rocky-upgrade-libwebp-tools rocky-upgrade-libwebp-tools-debuginfo rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource
References
https://attackerkb.com/topics/cve-2023-5129
CVE - 2023-5129
https://errata.rockylinux.org/RLSA-2023:5201
https://errata.rockylinux.org/RLSA-2023:5214
-
Alpine Linux: CVE-2023-5129: Vulnerability in Multiple Components
Severity 4
CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published 09/25/2023
Created 08/23/2024
Added 08/22/2024
Modified 10/01/2024
Description
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863.
Solution(s)
alpine-linux-upgrade-tiledb alpine-linux-upgrade-libwebp
References
https://attackerkb.com/topics/cve-2023-5129
CVE - 2023-5129
https://security.alpinelinux.org/vuln/CVE-2023-5129
-
Alpine Linux: CVE-2023-40581: OS Command Injection
Severity 7
CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published 09/25/2023
Created 08/23/2024
Added 08/22/2024
Modified 10/02/2024
Description
yt-dlp is a youtube-dl fork with additional features and fixes. yt-dlp allows the user to provide shell command lines to be executed at various stages in its download steps through the `--exec` flag. This flag allows output template expansion in its argument, so that metadata values may be used in the shell commands. The metadata fields can be combined with the `%q` conversion, which is intended to quote/escape these values so they can be safely passed to the shell. However, the escaping used for `cmd` (the shell used by Python's `subprocess` on Windows) does not properly escape special characters, which can allow for remote code execution if `--exec` is used directly with maliciously crafted remote data. This vulnerability only impacts `yt-dlp` on Windows, and the vulnerability is present regardless of whether `yt-dlp` is run from `cmd` or from `PowerShell`. Support for output template expansion in `--exec`, along with this vulnerable behavior, was added to `yt-dlp` in version 2021.04.11. yt-dlp version 2023.09.24 fixes this issue by properly escaping each special character. `\n` will be replaced by `\r` as no way of escaping it has been found. It is recommended to upgrade yt-dlp to version 2023.09.24 as soon as possible. Also, always be careful when using `--exec`, because while this specific vulnerability has been patched, using unvalidated input in shell commands is inherently dangerous.
For Windows users who are not able to upgrade:
1. Avoid using any output template expansion in `--exec` other than `{}` (filepath).
2. If expansion in `--exec` is needed, verify the fields you are using do not contain `"`, `|` or `&`.
3. Instead of using `--exec`, write the info json and load the fields from it instead.
Solution(s)
alpine-linux-upgrade-yt-dlp
References
https://attackerkb.com/topics/cve-2023-40581
CVE - 2023-40581
https://security.alpinelinux.org/vuln/CVE-2023-40581
-
MFSA2023-40 Firefox: Security Vulnerability fixed in Firefox 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1, and Thunderbird 115.2.2 (CVE-2023-5129)
Severity 4
CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published 09/25/2023
Created 09/28/2023
Added 09/28/2023
Modified 03/08/2024
Description
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863.
Solution(s)
mozilla-firefox-esr-upgrade-102_15_1 mozilla-firefox-esr-upgrade-115_2_1 mozilla-firefox-upgrade-117_0_1
References
https://attackerkb.com/topics/cve-2023-5129
CVE - 2023-5129
http://www.mozilla.org/security/announce/2023/mfsa2023-40.html
-
MediaWiki: Unspecified Security Vulnerability (CVE-2023-3550)
Severity 8
CVSS (AV:N/AC:M/Au:S/C:C/I:C/A:N)
Published 09/25/2023
Created 09/28/2023
Added 09/28/2023
Modified 01/28/2025
Description
Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance administrator.
Solution(s)
mediawiki-upgrade-latest
References
https://attackerkb.com/topics/cve-2023-3550
CVE - 2023-3550
https://fluidattacks.com/advisories/blondie/
https://lists.debian.org/debian-lts-announce/2023/11/msg00027.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY/
https://www.debian.org/security/2023/dsa-5520
https://www.mediawiki.org/wiki/MediaWiki/
-
Amazon Linux AMI 2: CVE-2023-4156: Security patch for gawk (ALAS-2023-2357)
Severity 6
CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:C)
Published 09/25/2023
Created 12/06/2023
Added 12/05/2023
Modified 01/28/2025
Description
A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.
Solution(s)
amazon-linux-ami-2-upgrade-gawk amazon-linux-ami-2-upgrade-gawk-debuginfo
References
https://attackerkb.com/topics/cve-2023-4156
AL2/ALAS-2023-2357
CVE - 2023-4156
-
Ubuntu: (Multiple Advisories) (CVE-2023-5156): GNU C Library vulnerabilities
Severity 8
CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published 09/25/2023
Created 12/09/2023
Added 12/08/2023
Modified 01/28/2025
Description
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
Solution(s)
ubuntu-upgrade-libc-bin ubuntu-upgrade-libc6
References
https://attackerkb.com/topics/cve-2023-5156
CVE - 2023-5156
USN-6541-1
USN-6541-2
-
Alma Linux: CVE-2023-42753: Important: kernel security update (ALSA-2024-0113)
Severity 7
CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published 09/25/2023
Created 01/19/2024
Added 01/18/2024
Modified 01/28/2025
Description
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.
Solution(s)
alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf
References
https://attackerkb.com/topics/cve-2023-42753
CVE - 2023-42753
https://errata.almalinux.org/8/ALSA-2024-0113.html
-
Huawei EulerOS: CVE-2023-5156: glibc security update
Severity 8
CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published 09/25/2023
Created 03/14/2024
Added 03/13/2024
Modified 01/28/2025
Description
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
Solution(s)
huawei-euleros-2_0_sp8-upgrade-glibc huawei-euleros-2_0_sp8-upgrade-glibc-all-langpacks huawei-euleros-2_0_sp8-upgrade-glibc-common huawei-euleros-2_0_sp8-upgrade-glibc-devel huawei-euleros-2_0_sp8-upgrade-glibc-headers huawei-euleros-2_0_sp8-upgrade-glibc-langpack-aa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-af huawei-euleros-2_0_sp8-upgrade-glibc-langpack-agr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ak huawei-euleros-2_0_sp8-upgrade-glibc-langpack-am huawei-euleros-2_0_sp8-upgrade-glibc-langpack-an huawei-euleros-2_0_sp8-upgrade-glibc-langpack-anp huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ar huawei-euleros-2_0_sp8-upgrade-glibc-langpack-as huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ast huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ayc huawei-euleros-2_0_sp8-upgrade-glibc-langpack-az huawei-euleros-2_0_sp8-upgrade-glibc-langpack-be huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bem huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ber huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bg huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bhb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bho huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-br huawei-euleros-2_0_sp8-upgrade-glibc-langpack-brx huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bs huawei-euleros-2_0_sp8-upgrade-glibc-langpack-byn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ca huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ce huawei-euleros-2_0_sp8-upgrade-glibc-langpack-chr
huawei-euleros-2_0_sp8-upgrade-glibc-langpack-cmn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-crh huawei-euleros-2_0_sp8-upgrade-glibc-langpack-cs huawei-euleros-2_0_sp8-upgrade-glibc-langpack-csb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-cv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-cy huawei-euleros-2_0_sp8-upgrade-glibc-langpack-da huawei-euleros-2_0_sp8-upgrade-glibc-langpack-de huawei-euleros-2_0_sp8-upgrade-glibc-langpack-doi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-dsb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-dv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-dz huawei-euleros-2_0_sp8-upgrade-glibc-langpack-el huawei-euleros-2_0_sp8-upgrade-glibc-langpack-en huawei-euleros-2_0_sp8-upgrade-glibc-langpack-eo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-es huawei-euleros-2_0_sp8-upgrade-glibc-langpack-et huawei-euleros-2_0_sp8-upgrade-glibc-langpack-eu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ff huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fil huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fur huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fy huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ga huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gd huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gez huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ha huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hak huawei-euleros-2_0_sp8-upgrade-glibc-langpack-he huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hif huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hne huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hsb 
huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ht huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hy huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ia huawei-euleros-2_0_sp8-upgrade-glibc-langpack-id huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ig huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ik huawei-euleros-2_0_sp8-upgrade-glibc-langpack-is huawei-euleros-2_0_sp8-upgrade-glibc-langpack-it huawei-euleros-2_0_sp8-upgrade-glibc-langpack-iu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ja huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ka huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kab huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-km huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ko huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kok huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ks huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ku huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ky huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lg huawei-euleros-2_0_sp8-upgrade-glibc-langpack-li huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lij huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ln huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lt huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lzh huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mag huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mai huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mfe huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mg huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mhr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-miq huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mjw 
huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ml huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mni huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ms huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mt huawei-euleros-2_0_sp8-upgrade-glibc-langpack-my huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nan huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nds huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ne huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nhn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-niu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nso huawei-euleros-2_0_sp8-upgrade-glibc-langpack-oc huawei-euleros-2_0_sp8-upgrade-glibc-langpack-om huawei-euleros-2_0_sp8-upgrade-glibc-langpack-or huawei-euleros-2_0_sp8-upgrade-glibc-langpack-os huawei-euleros-2_0_sp8-upgrade-glibc-langpack-pa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-pap huawei-euleros-2_0_sp8-upgrade-glibc-langpack-pl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ps huawei-euleros-2_0_sp8-upgrade-glibc-langpack-pt huawei-euleros-2_0_sp8-upgrade-glibc-langpack-quz huawei-euleros-2_0_sp8-upgrade-glibc-langpack-raj huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ro huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ru huawei-euleros-2_0_sp8-upgrade-glibc-langpack-rw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sah huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sat huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sc huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sd huawei-euleros-2_0_sp8-upgrade-glibc-langpack-se huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sgs huawei-euleros-2_0_sp8-upgrade-glibc-langpack-shn 
huawei-euleros-2_0_sp8-upgrade-glibc-langpack-shs huawei-euleros-2_0_sp8-upgrade-glibc-langpack-si huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sid huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sm huawei-euleros-2_0_sp8-upgrade-glibc-langpack-so huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sq huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ss huawei-euleros-2_0_sp8-upgrade-glibc-langpack-st huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-szl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ta huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tcy huawei-euleros-2_0_sp8-upgrade-glibc-langpack-te huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tg huawei-euleros-2_0_sp8-upgrade-glibc-langpack-th huawei-euleros-2_0_sp8-upgrade-glibc-langpack-the huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ti huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tig huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-to huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tpi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ts huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tt huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ug huawei-euleros-2_0_sp8-upgrade-glibc-langpack-uk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-unm huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ur huawei-euleros-2_0_sp8-upgrade-glibc-langpack-uz huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ve huawei-euleros-2_0_sp8-upgrade-glibc-langpack-vi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-wa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-wae huawei-euleros-2_0_sp8-upgrade-glibc-langpack-wal 
huawei-euleros-2_0_sp8-upgrade-glibc-langpack-wo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-xh huawei-euleros-2_0_sp8-upgrade-glibc-langpack-yi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-yo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-yue huawei-euleros-2_0_sp8-upgrade-glibc-langpack-yuw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-zh huawei-euleros-2_0_sp8-upgrade-glibc-langpack-zu huawei-euleros-2_0_sp8-upgrade-glibc-locale-source huawei-euleros-2_0_sp8-upgrade-glibc-minimal-langpack huawei-euleros-2_0_sp8-upgrade-glibc-static huawei-euleros-2_0_sp8-upgrade-glibc-utils huawei-euleros-2_0_sp8-upgrade-libnsl huawei-euleros-2_0_sp8-upgrade-nscd huawei-euleros-2_0_sp8-upgrade-nss_db huawei-euleros-2_0_sp8-upgrade-nss_hesiod
References
https://attackerkb.com/topics/cve-2023-5156
CVE - 2023-5156
EulerOS-SA-2024-1268
-
Huawei EulerOS: CVE-2023-42753: kernel security update
Severity: 7, CVSS: (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published: 09/25/2023, Created: 03/14/2024, Added: 03/13/2024, Modified: 01/28/2025
Description: An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.
Solution(s): huawei-euleros-2_0_sp8-upgrade-bpftool huawei-euleros-2_0_sp8-upgrade-kernel huawei-euleros-2_0_sp8-upgrade-kernel-devel huawei-euleros-2_0_sp8-upgrade-kernel-headers huawei-euleros-2_0_sp8-upgrade-kernel-tools huawei-euleros-2_0_sp8-upgrade-kernel-tools-libs huawei-euleros-2_0_sp8-upgrade-perf huawei-euleros-2_0_sp8-upgrade-python-perf huawei-euleros-2_0_sp8-upgrade-python3-perf
References: https://attackerkb.com/topics/cve-2023-42753, CVE - 2023-42753, EulerOS-SA-2024-1275
-
Oracle Linux: CVE-2023-4535: ELSA-2023-7879: opensc security update (MODERATE) (Multiple Advisories)
Severity: 4, CVSS: (AV:L/AC:H/Au:N/C:P/I:P/A:P)
Published: 09/25/2023, Created: 12/21/2023, Added: 12/19/2023, Modified: 01/07/2025
Description: An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's security.
Solution(s): oracle-linux-upgrade-opensc
References: https://attackerkb.com/topics/cve-2023-4535, CVE - 2023-4535, ELSA-2023-7879
-
Amazon Linux 2023: CVE-2023-40660: Medium priority package update for opensc
Severity: 7, CVSS: (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published: 09/25/2023, Created: 02/14/2025, Added: 02/14/2025, Modified: 02/14/2025
Description: A flaw was found in OpenSC packages that allows a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length PIN is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small tokens permanently connected to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user's awareness.
Solution(s): amazon-linux-2023-upgrade-opensc amazon-linux-2023-upgrade-opensc-debuginfo amazon-linux-2023-upgrade-opensc-debugsource
References: https://attackerkb.com/topics/cve-2023-40660, CVE - 2023-40660, https://alas.aws.amazon.com/AL2023/ALAS-2023-417.html
-
VMware Photon OS: CVE-2023-5158
Severity: 5, CVSS: (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published: 09/25/2023, Created: 01/21/2025, Added: 01/20/2025, Modified: 02/04/2025
Description: A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux kernel. This issue may result in a denial of service from guest to host via a zero-length descriptor.
Solution(s): vmware-photon_os_update_tdnf
References: https://attackerkb.com/topics/cve-2023-5158, CVE - 2023-5158
-
Amazon Linux 2023: CVE-2023-4535: Medium priority package update for opensc
Severity: 4, CVSS: (AV:L/AC:H/Au:N/C:P/I:P/A:P)
Published: 09/25/2023, Created: 02/14/2025, Added: 02/14/2025, Modified: 02/14/2025
Description: An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's security.
Solution(s): amazon-linux-2023-upgrade-opensc amazon-linux-2023-upgrade-opensc-debuginfo amazon-linux-2023-upgrade-opensc-debugsource
References: https://attackerkb.com/topics/cve-2023-4535, CVE - 2023-4535, https://alas.aws.amazon.com/AL2023/ALAS-2023-417.html
-
Amazon Linux AMI 2: CVE-2023-42753: Security patch for kernel (Multiple Advisories)
Severity: 7, CVSS: (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published: 09/25/2023, Created: 10/06/2023, Added: 10/06/2023, Modified: 01/28/2025
Description: An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.
Solution(s): amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-326-245-539 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-196-185-743 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo
References: https://attackerkb.com/topics/cve-2023-42753, AL2/ALAS-2023-2264, AL2/ALASKERNEL-5.10-2023-040, AL2/ALASKERNEL-5.4-2023-053, CVE - 2023-42753
-
Debian: CVE-2023-43090: gnome-shell -- security update
Severity: 5, CVSS: (AV:L/AC:L/Au:S/C:C/I:N/A:N)
Published: 09/22/2023, Created: 10/20/2023, Added: 10/19/2023, Modified: 01/30/2025
Description: A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool.
Solution(s): debian-upgrade-gnome-shell
References: https://attackerkb.com/topics/cve-2023-43090, CVE - 2023-43090, DSA-5501-1
-
Debian: CVE-2023-43770: roundcube -- security update
Severity: 6, CVSS: (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published: 09/22/2023, Created: 09/25/2023, Added: 09/25/2023, Modified: 01/28/2025
Description: Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.
Solution(s): debian-upgrade-roundcube
References: https://attackerkb.com/topics/cve-2023-43770, CVE - 2023-43770, DLA-3577-1
-
Huawei EulerOS: CVE-2023-34319: kernel security update
Severity: 7, CVSS: (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published: 09/22/2023, Created: 01/11/2024, Added: 01/10/2024, Modified: 01/30/2025
Description: The fix for XSA-423 added logic to Linux's netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many pieces as permitted by the protocol, yet still being smaller than the area that's specially dealt with to keep all (possible) headers together. Such an unusual packet would therefore trigger a buffer overrun in the driver.
Solution(s): huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf
References: https://attackerkb.com/topics/cve-2023-34319, CVE - 2023-34319, EulerOS-SA-2023-2898
-
FreeBSD: VID-BD92F1AB-690C-11EE-9ED0-001FC69CD6DC (CVE-2023-43786): 11/libX11 multiple vulnerabilities
Severity: 5, CVSS: (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published: 09/22/2023, Created: 10/13/2023, Added: 10/12/2023, Modified: 01/28/2025
Description: A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.
Solution(s): freebsd-upgrade-package-libx11
References: CVE-2023-43786
-
Rocky Linux: CVE-2022-3874: Satellite-6.14 (RLSA-2023-6818)
Severity: 8, CVSS: (AV:N/AC:L/Au:M/C:C/I:C/A:C)
Published: 09/22/2023, Created: 03/07/2024, Added: 03/05/2024, Modified: 01/28/2025
Description: A command injection flaw was found in foreman. This flaw allows an authenticated user with admin privileges on the foreman instance to transpile commands through CoreOS and Fedora CoreOS configurations in templates, possibly resulting in arbitrary command execution on the underlying operating system.
Solution(s): rocky-upgrade-libdb-cxx rocky-upgrade-libdb-cxx-debuginfo rocky-upgrade-libdb-debuginfo rocky-upgrade-libdb-debugsource rocky-upgrade-libdb-sql-debuginfo rocky-upgrade-libdb-sql-devel-debuginfo rocky-upgrade-libdb-utils-debuginfo
References: https://attackerkb.com/topics/cve-2022-3874, CVE - 2022-3874, https://errata.rockylinux.org/RLSA-2023:6818
-
Oracle Linux: CVE-2023-42753: ELSA-2024-0346: kernel security and bug fix update (IMPORTANT) (Multiple Advisories)
Severity: 6, CVSS: (AV:L/AC:H/Au:S/C:C/I:C/A:C)
Published: 09/22/2023, Created: 10/11/2023, Added: 10/10/2023, Modified: 01/23/2025
Description: An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.
Solution(s): oracle-linux-upgrade-kernel oracle-linux-upgrade-kernel-uek
References: https://attackerkb.com/topics/cve-2023-42753, CVE - 2023-42753, ELSA-2024-0346, ELSA-2023-12875, ELSA-2023-12911, ELSA-2024-12069, ELSA-2024-12094, ELSA-2023-12825, ELSA-2024-0461, ELSA-2023-12914, ELSA-2023-12858, ELSA-2023-12910, ELSA-2023-12874, ELSA-2023-12915, ELSA-2023-12824, ELSA-2023-12826