ISHACK AI BOT

Microsoft Edge Chromium: CVE-2023-36727 Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 09/16/2023 Created 09/18/2023 Added 09/16/2023 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Spoofing Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-36727 CVE - 2023-36727 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36727

Microsoft Edge Chromium: CVE-2023-36735 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/16/2023 Created 09/18/2023 Added 09/16/2023 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-36735 CVE - 2023-36735 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36735

Oracle Linux: (CVE-2023-22024) (Multiple Advisories): Unbreakable Enterprise kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 09/16/2023 Created 09/18/2023 Added 09/16/2023 Modified 01/28/2025 Description In the Unbreakable Enterprise Kernel (UEK), the RDS module in UEK has two setsockopt(2) options, RDS_CONN_RESET and RDS6_CONN_RESET, that are not re-entrant.A malicious local user with CAP_NET_ADMIN can use this to crash the kernel. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Solution(s) oracle-linux-upgrade-bpftool oracle-linux-upgrade-kernel-uek oracle-linux-upgrade-kernel-uek-container oracle-linux-upgrade-kernel-uek-container-debug oracle-linux-upgrade-kernel-uek-core oracle-linux-upgrade-kernel-uek-debug oracle-linux-upgrade-kernel-uek-debug-core oracle-linux-upgrade-kernel-uek-debug-devel oracle-linux-upgrade-kernel-uek-debug-modules oracle-linux-upgrade-kernel-uek-debug-modules-extra oracle-linux-upgrade-kernel-uek-devel oracle-linux-upgrade-kernel-uek-doc oracle-linux-upgrade-kernel-uek-firmware oracle-linux-upgrade-kernel-uek-headers oracle-linux-upgrade-kernel-uek-modules oracle-linux-upgrade-kernel-uek-modules-extra oracle-linux-upgrade-kernel-uek-tools oracle-linux-upgrade-kernel-uek-tools-libs oracle-linux-upgrade-kernel-uek-tools-libs-devel oracle-linux-upgrade-perf oracle-linux-upgrade-python-perf References CVE-2023-22024

OS X update for curl (CVE-2023-38039) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/15/2023 Created 01/24/2024 Added 01/23/2024 Modified 01/28/2025 Description When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory. Solution(s) apple-osx-upgrade-12_7_3 apple-osx-upgrade-13_6_4 apple-osx-upgrade-14_2 References https://attackerkb.com/topics/cve-2023-38039 CVE - 2023-38039 https://support.apple.com/en-us/120305 https://support.apple.com/en-us/120307 https://support.apple.com/kb/HT214036

Huawei EulerOS: CVE-2023-4806: glibc security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/18/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags. Solution(s) huawei-euleros-2_0_sp10-upgrade-glibc huawei-euleros-2_0_sp10-upgrade-glibc-all-langpacks huawei-euleros-2_0_sp10-upgrade-glibc-common huawei-euleros-2_0_sp10-upgrade-glibc-locale-source huawei-euleros-2_0_sp10-upgrade-libnsl huawei-euleros-2_0_sp10-upgrade-nscd References https://attackerkb.com/topics/cve-2023-4806 CVE - 2023-4806 EulerOS-SA-2024-1081

Huawei EulerOS: CVE-2023-43115: ghostscript security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/18/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server). Solution(s) huawei-euleros-2_0_sp10-upgrade-ghostscript huawei-euleros-2_0_sp10-upgrade-ghostscript-help References https://attackerkb.com/topics/cve-2023-43115 CVE - 2023-43115 EulerOS-SA-2023-3211

Amazon Linux 2023: CVE-2023-43115: Important priority package update for ghostscript Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/18/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server). A vulnerability was found in Artifex Ghostscript in gdevijs.c, allows a malicious remote attacker to perform remote code execution via crafted PostScript documents. Solution(s) amazon-linux-2023-upgrade-ghostscript amazon-linux-2023-upgrade-ghostscript-debuginfo amazon-linux-2023-upgrade-ghostscript-debugsource amazon-linux-2023-upgrade-ghostscript-doc amazon-linux-2023-upgrade-ghostscript-gtk amazon-linux-2023-upgrade-ghostscript-gtk-debuginfo amazon-linux-2023-upgrade-ghostscript-tools-dvipdf amazon-linux-2023-upgrade-ghostscript-tools-fonts amazon-linux-2023-upgrade-ghostscript-tools-printing amazon-linux-2023-upgrade-ghostscript-x11 amazon-linux-2023-upgrade-ghostscript-x11-debuginfo amazon-linux-2023-upgrade-libgs amazon-linux-2023-upgrade-libgs-debuginfo amazon-linux-2023-upgrade-libgs-devel References https://attackerkb.com/topics/cve-2023-43115 CVE - 2023-43115 https://alas.aws.amazon.com/AL2023/ALAS-2023-362.html

Ubuntu: USN-6433-1 (CVE-2023-43115): Ghostscript vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/18/2023 Created 10/18/2023 Added 10/18/2023 Modified 01/28/2025 Description In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server). Solution(s) ubuntu-upgrade-ghostscript References https://attackerkb.com/topics/cve-2023-43115 CVE - 2023-43115 USN-6433-1

Ubuntu: USN-6409-1 (CVE-2023-4527): GNU C Library vulnerabilities Severity 8 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:C) Published 09/18/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash. Solution(s) ubuntu-upgrade-libc6 References https://attackerkb.com/topics/cve-2023-4527 CVE - 2023-4527 USN-6409-1

Red Hat: CVE-2023-4806: glibc: potential use-after-free in getaddrinfo() (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/18/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/28/2025 Description A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags. Solution(s) redhat-upgrade-compat-libpthread-nonshared redhat-upgrade-glibc redhat-upgrade-glibc-all-langpacks redhat-upgrade-glibc-all-langpacks-debuginfo redhat-upgrade-glibc-benchtests redhat-upgrade-glibc-benchtests-debuginfo redhat-upgrade-glibc-common redhat-upgrade-glibc-common-debuginfo redhat-upgrade-glibc-debuginfo redhat-upgrade-glibc-debugsource redhat-upgrade-glibc-devel redhat-upgrade-glibc-doc redhat-upgrade-glibc-gconv-extra redhat-upgrade-glibc-gconv-extra-debuginfo redhat-upgrade-glibc-headers redhat-upgrade-glibc-langpack-aa redhat-upgrade-glibc-langpack-af redhat-upgrade-glibc-langpack-agr redhat-upgrade-glibc-langpack-ak redhat-upgrade-glibc-langpack-am redhat-upgrade-glibc-langpack-an redhat-upgrade-glibc-langpack-anp redhat-upgrade-glibc-langpack-ar redhat-upgrade-glibc-langpack-as redhat-upgrade-glibc-langpack-ast redhat-upgrade-glibc-langpack-ayc redhat-upgrade-glibc-langpack-az redhat-upgrade-glibc-langpack-be redhat-upgrade-glibc-langpack-bem redhat-upgrade-glibc-langpack-ber redhat-upgrade-glibc-langpack-bg redhat-upgrade-glibc-langpack-bhb redhat-upgrade-glibc-langpack-bho redhat-upgrade-glibc-langpack-bi redhat-upgrade-glibc-langpack-bn redhat-upgrade-glibc-langpack-bo redhat-upgrade-glibc-langpack-br redhat-upgrade-glibc-langpack-brx redhat-upgrade-glibc-langpack-bs redhat-upgrade-glibc-langpack-byn redhat-upgrade-glibc-langpack-ca redhat-upgrade-glibc-langpack-ce redhat-upgrade-glibc-langpack-chr redhat-upgrade-glibc-langpack-ckb redhat-upgrade-glibc-langpack-cmn redhat-upgrade-glibc-langpack-crh redhat-upgrade-glibc-langpack-cs redhat-upgrade-glibc-langpack-csb redhat-upgrade-glibc-langpack-cv redhat-upgrade-glibc-langpack-cy redhat-upgrade-glibc-langpack-da redhat-upgrade-glibc-langpack-de redhat-upgrade-glibc-langpack-doi redhat-upgrade-glibc-langpack-dsb redhat-upgrade-glibc-langpack-dv redhat-upgrade-glibc-langpack-dz redhat-upgrade-glibc-langpack-el redhat-upgrade-glibc-langpack-en redhat-upgrade-glibc-langpack-eo redhat-upgrade-glibc-langpack-es redhat-upgrade-glibc-langpack-et redhat-upgrade-glibc-langpack-eu redhat-upgrade-glibc-langpack-fa redhat-upgrade-glibc-langpack-ff redhat-upgrade-glibc-langpack-fi redhat-upgrade-glibc-langpack-fil redhat-upgrade-glibc-langpack-fo redhat-upgrade-glibc-langpack-fr redhat-upgrade-glibc-langpack-fur redhat-upgrade-glibc-langpack-fy redhat-upgrade-glibc-langpack-ga redhat-upgrade-glibc-langpack-gd redhat-upgrade-glibc-langpack-gez redhat-upgrade-glibc-langpack-gl redhat-upgrade-glibc-langpack-gu redhat-upgrade-glibc-langpack-gv redhat-upgrade-glibc-langpack-ha redhat-upgrade-glibc-langpack-hak redhat-upgrade-glibc-langpack-he redhat-upgrade-glibc-langpack-hi redhat-upgrade-glibc-langpack-hif redhat-upgrade-glibc-langpack-hne redhat-upgrade-glibc-langpack-hr redhat-upgrade-glibc-langpack-hsb redhat-upgrade-glibc-langpack-ht redhat-upgrade-glibc-langpack-hu redhat-upgrade-glibc-langpack-hy redhat-upgrade-glibc-langpack-ia redhat-upgrade-glibc-langpack-id redhat-upgrade-glibc-langpack-ig redhat-upgrade-glibc-langpack-ik redhat-upgrade-glibc-langpack-is redhat-upgrade-glibc-langpack-it redhat-upgrade-glibc-langpack-iu redhat-upgrade-glibc-langpack-ja redhat-upgrade-glibc-langpack-ka redhat-upgrade-glibc-langpack-kab redhat-upgrade-glibc-langpack-kk redhat-upgrade-glibc-langpack-kl redhat-upgrade-glibc-langpack-km redhat-upgrade-glibc-langpack-kn redhat-upgrade-glibc-langpack-ko redhat-upgrade-glibc-langpack-kok redhat-upgrade-glibc-langpack-ks redhat-upgrade-glibc-langpack-ku redhat-upgrade-glibc-langpack-kw redhat-upgrade-glibc-langpack-ky redhat-upgrade-glibc-langpack-lb redhat-upgrade-glibc-langpack-lg redhat-upgrade-glibc-langpack-li redhat-upgrade-glibc-langpack-lij redhat-upgrade-glibc-langpack-ln redhat-upgrade-glibc-langpack-lo redhat-upgrade-glibc-langpack-lt redhat-upgrade-glibc-langpack-lv redhat-upgrade-glibc-langpack-lzh redhat-upgrade-glibc-langpack-mag redhat-upgrade-glibc-langpack-mai redhat-upgrade-glibc-langpack-mfe redhat-upgrade-glibc-langpack-mg redhat-upgrade-glibc-langpack-mhr redhat-upgrade-glibc-langpack-mi redhat-upgrade-glibc-langpack-miq redhat-upgrade-glibc-langpack-mjw redhat-upgrade-glibc-langpack-mk redhat-upgrade-glibc-langpack-ml redhat-upgrade-glibc-langpack-mn redhat-upgrade-glibc-langpack-mni redhat-upgrade-glibc-langpack-mnw redhat-upgrade-glibc-langpack-mr redhat-upgrade-glibc-langpack-ms redhat-upgrade-glibc-langpack-mt redhat-upgrade-glibc-langpack-my redhat-upgrade-glibc-langpack-nan redhat-upgrade-glibc-langpack-nb redhat-upgrade-glibc-langpack-nds redhat-upgrade-glibc-langpack-ne redhat-upgrade-glibc-langpack-nhn redhat-upgrade-glibc-langpack-niu redhat-upgrade-glibc-langpack-nl redhat-upgrade-glibc-langpack-nn redhat-upgrade-glibc-langpack-nr redhat-upgrade-glibc-langpack-nso redhat-upgrade-glibc-langpack-oc redhat-upgrade-glibc-langpack-om redhat-upgrade-glibc-langpack-or redhat-upgrade-glibc-langpack-os redhat-upgrade-glibc-langpack-pa redhat-upgrade-glibc-langpack-pap redhat-upgrade-glibc-langpack-pl redhat-upgrade-glibc-langpack-ps redhat-upgrade-glibc-langpack-pt redhat-upgrade-glibc-langpack-quz redhat-upgrade-glibc-langpack-raj redhat-upgrade-glibc-langpack-ro redhat-upgrade-glibc-langpack-ru redhat-upgrade-glibc-langpack-rw redhat-upgrade-glibc-langpack-sa redhat-upgrade-glibc-langpack-sah redhat-upgrade-glibc-langpack-sat redhat-upgrade-glibc-langpack-sc redhat-upgrade-glibc-langpack-sd redhat-upgrade-glibc-langpack-se redhat-upgrade-glibc-langpack-sgs redhat-upgrade-glibc-langpack-shn redhat-upgrade-glibc-langpack-shs redhat-upgrade-glibc-langpack-si redhat-upgrade-glibc-langpack-sid redhat-upgrade-glibc-langpack-sk redhat-upgrade-glibc-langpack-sl redhat-upgrade-glibc-langpack-sm redhat-upgrade-glibc-langpack-so redhat-upgrade-glibc-langpack-sq redhat-upgrade-glibc-langpack-sr redhat-upgrade-glibc-langpack-ss redhat-upgrade-glibc-langpack-st redhat-upgrade-glibc-langpack-sv redhat-upgrade-glibc-langpack-sw redhat-upgrade-glibc-langpack-szl redhat-upgrade-glibc-langpack-ta redhat-upgrade-glibc-langpack-tcy redhat-upgrade-glibc-langpack-te redhat-upgrade-glibc-langpack-tg redhat-upgrade-glibc-langpack-th redhat-upgrade-glibc-langpack-the redhat-upgrade-glibc-langpack-ti redhat-upgrade-glibc-langpack-tig redhat-upgrade-glibc-langpack-tk redhat-upgrade-glibc-langpack-tl redhat-upgrade-glibc-langpack-tn redhat-upgrade-glibc-langpack-to redhat-upgrade-glibc-langpack-tpi redhat-upgrade-glibc-langpack-tr redhat-upgrade-glibc-langpack-ts redhat-upgrade-glibc-langpack-tt redhat-upgrade-glibc-langpack-ug redhat-upgrade-glibc-langpack-uk redhat-upgrade-glibc-langpack-unm redhat-upgrade-glibc-langpack-ur redhat-upgrade-glibc-langpack-uz redhat-upgrade-glibc-langpack-ve redhat-upgrade-glibc-langpack-vi redhat-upgrade-glibc-langpack-wa redhat-upgrade-glibc-langpack-wae redhat-upgrade-glibc-langpack-wal redhat-upgrade-glibc-langpack-wo redhat-upgrade-glibc-langpack-xh redhat-upgrade-glibc-langpack-yi redhat-upgrade-glibc-langpack-yo redhat-upgrade-glibc-langpack-yue redhat-upgrade-glibc-langpack-yuw redhat-upgrade-glibc-langpack-zh redhat-upgrade-glibc-langpack-zu redhat-upgrade-glibc-locale-source redhat-upgrade-glibc-minimal-langpack redhat-upgrade-glibc-nss-devel redhat-upgrade-glibc-static redhat-upgrade-glibc-utils redhat-upgrade-glibc-utils-debuginfo redhat-upgrade-libnsl redhat-upgrade-libnsl-debuginfo redhat-upgrade-nscd redhat-upgrade-nscd-debuginfo redhat-upgrade-nss_db redhat-upgrade-nss_db-debuginfo redhat-upgrade-nss_hesiod redhat-upgrade-nss_hesiod-debuginfo References CVE-2023-4806 RHSA-2023:5453 RHSA-2023:5455 RHSA-2023:7409

Red Hat: CVE-2023-5129: out-of-bounds write with a specially crafted WebP lossless file (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/18/2023 Created 10/03/2023 Added 10/02/2023 Modified 03/08/2024 Description Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-libwebp redhat-upgrade-libwebp-debuginfo redhat-upgrade-libwebp-debugsource redhat-upgrade-libwebp-devel redhat-upgrade-libwebp-java-debuginfo redhat-upgrade-libwebp-tools redhat-upgrade-libwebp-tools-debuginfo redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2023-5129 RHSA-2023:5184 RHSA-2023:5189 RHSA-2023:5191 RHSA-2023:5197 RHSA-2023:5198 RHSA-2023:5200 RHSA-2023:5201 RHSA-2023:5202 RHSA-2023:5204 RHSA-2023:5205 RHSA-2023:5214 RHSA-2023:5223 RHSA-2023:5224 RHSA-2023:5309 View more

Red Hat: CVE-2023-43115: GhostPDL can lead to remote code execution via crafted PostScript documents (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/18/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server). Solution(s) redhat-upgrade-ghostscript redhat-upgrade-ghostscript-debuginfo redhat-upgrade-ghostscript-debugsource redhat-upgrade-ghostscript-doc redhat-upgrade-ghostscript-gtk-debuginfo redhat-upgrade-ghostscript-tools-dvipdf redhat-upgrade-ghostscript-tools-fonts redhat-upgrade-ghostscript-tools-printing redhat-upgrade-ghostscript-x11 redhat-upgrade-ghostscript-x11-debuginfo redhat-upgrade-libgs redhat-upgrade-libgs-debuginfo redhat-upgrade-libgs-devel References CVE-2023-43115 RHSA-2023:5868 RHSA-2023:6265 RHSA-2023:6732

Huawei EulerOS: CVE-2023-4806: glibc security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/18/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags. Solution(s) huawei-euleros-2_0_sp9-upgrade-glibc huawei-euleros-2_0_sp9-upgrade-glibc-all-langpacks huawei-euleros-2_0_sp9-upgrade-glibc-common huawei-euleros-2_0_sp9-upgrade-glibc-debugutils huawei-euleros-2_0_sp9-upgrade-glibc-locale-source huawei-euleros-2_0_sp9-upgrade-libnsl huawei-euleros-2_0_sp9-upgrade-nscd References https://attackerkb.com/topics/cve-2023-4806 CVE - 2023-4806 EulerOS-SA-2023-3330

Debian: CVE-2023-4806: glibc -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/18/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags. Solution(s) debian-upgrade-glibc References https://attackerkb.com/topics/cve-2023-4806 CVE - 2023-4806

Alma Linux: CVE-2023-4527: Important: glibc security update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:C) Published 09/18/2023 Created 10/11/2023 Added 10/10/2023 Modified 01/28/2025 Description A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash. Solution(s) alma-upgrade-compat-libpthread-nonshared alma-upgrade-glibc alma-upgrade-glibc-all-langpacks alma-upgrade-glibc-benchtests alma-upgrade-glibc-common alma-upgrade-glibc-devel alma-upgrade-glibc-doc alma-upgrade-glibc-gconv-extra alma-upgrade-glibc-headers alma-upgrade-glibc-langpack-aa alma-upgrade-glibc-langpack-af alma-upgrade-glibc-langpack-agr alma-upgrade-glibc-langpack-ak alma-upgrade-glibc-langpack-am alma-upgrade-glibc-langpack-an alma-upgrade-glibc-langpack-anp alma-upgrade-glibc-langpack-ar alma-upgrade-glibc-langpack-as alma-upgrade-glibc-langpack-ast alma-upgrade-glibc-langpack-ayc alma-upgrade-glibc-langpack-az alma-upgrade-glibc-langpack-be alma-upgrade-glibc-langpack-bem alma-upgrade-glibc-langpack-ber alma-upgrade-glibc-langpack-bg alma-upgrade-glibc-langpack-bhb alma-upgrade-glibc-langpack-bho alma-upgrade-glibc-langpack-bi alma-upgrade-glibc-langpack-bn alma-upgrade-glibc-langpack-bo alma-upgrade-glibc-langpack-br alma-upgrade-glibc-langpack-brx alma-upgrade-glibc-langpack-bs alma-upgrade-glibc-langpack-byn alma-upgrade-glibc-langpack-ca alma-upgrade-glibc-langpack-ce alma-upgrade-glibc-langpack-chr alma-upgrade-glibc-langpack-ckb alma-upgrade-glibc-langpack-cmn alma-upgrade-glibc-langpack-crh alma-upgrade-glibc-langpack-cs alma-upgrade-glibc-langpack-csb alma-upgrade-glibc-langpack-cv alma-upgrade-glibc-langpack-cy alma-upgrade-glibc-langpack-da alma-upgrade-glibc-langpack-de alma-upgrade-glibc-langpack-doi alma-upgrade-glibc-langpack-dsb alma-upgrade-glibc-langpack-dv alma-upgrade-glibc-langpack-dz alma-upgrade-glibc-langpack-el alma-upgrade-glibc-langpack-en alma-upgrade-glibc-langpack-eo alma-upgrade-glibc-langpack-es alma-upgrade-glibc-langpack-et alma-upgrade-glibc-langpack-eu alma-upgrade-glibc-langpack-fa alma-upgrade-glibc-langpack-ff alma-upgrade-glibc-langpack-fi alma-upgrade-glibc-langpack-fil alma-upgrade-glibc-langpack-fo alma-upgrade-glibc-langpack-fr alma-upgrade-glibc-langpack-fur alma-upgrade-glibc-langpack-fy alma-upgrade-glibc-langpack-ga alma-upgrade-glibc-langpack-gd alma-upgrade-glibc-langpack-gez alma-upgrade-glibc-langpack-gl alma-upgrade-glibc-langpack-gu alma-upgrade-glibc-langpack-gv alma-upgrade-glibc-langpack-ha alma-upgrade-glibc-langpack-hak alma-upgrade-glibc-langpack-he alma-upgrade-glibc-langpack-hi alma-upgrade-glibc-langpack-hif alma-upgrade-glibc-langpack-hne alma-upgrade-glibc-langpack-hr alma-upgrade-glibc-langpack-hsb alma-upgrade-glibc-langpack-ht alma-upgrade-glibc-langpack-hu alma-upgrade-glibc-langpack-hy alma-upgrade-glibc-langpack-ia alma-upgrade-glibc-langpack-id alma-upgrade-glibc-langpack-ig alma-upgrade-glibc-langpack-ik alma-upgrade-glibc-langpack-is alma-upgrade-glibc-langpack-it alma-upgrade-glibc-langpack-iu alma-upgrade-glibc-langpack-ja alma-upgrade-glibc-langpack-ka alma-upgrade-glibc-langpack-kab alma-upgrade-glibc-langpack-kk alma-upgrade-glibc-langpack-kl alma-upgrade-glibc-langpack-km alma-upgrade-glibc-langpack-kn alma-upgrade-glibc-langpack-ko alma-upgrade-glibc-langpack-kok alma-upgrade-glibc-langpack-ks alma-upgrade-glibc-langpack-ku alma-upgrade-glibc-langpack-kw alma-upgrade-glibc-langpack-ky alma-upgrade-glibc-langpack-lb alma-upgrade-glibc-langpack-lg alma-upgrade-glibc-langpack-li alma-upgrade-glibc-langpack-lij alma-upgrade-glibc-langpack-ln alma-upgrade-glibc-langpack-lo alma-upgrade-glibc-langpack-lt alma-upgrade-glibc-langpack-lv alma-upgrade-glibc-langpack-lzh alma-upgrade-glibc-langpack-mag alma-upgrade-glibc-langpack-mai alma-upgrade-glibc-langpack-mfe alma-upgrade-glibc-langpack-mg alma-upgrade-glibc-langpack-mhr alma-upgrade-glibc-langpack-mi alma-upgrade-glibc-langpack-miq alma-upgrade-glibc-langpack-mjw alma-upgrade-glibc-langpack-mk alma-upgrade-glibc-langpack-ml alma-upgrade-glibc-langpack-mn alma-upgrade-glibc-langpack-mni alma-upgrade-glibc-langpack-mnw alma-upgrade-glibc-langpack-mr alma-upgrade-glibc-langpack-ms alma-upgrade-glibc-langpack-mt alma-upgrade-glibc-langpack-my alma-upgrade-glibc-langpack-nan alma-upgrade-glibc-langpack-nb alma-upgrade-glibc-langpack-nds alma-upgrade-glibc-langpack-ne alma-upgrade-glibc-langpack-nhn alma-upgrade-glibc-langpack-niu alma-upgrade-glibc-langpack-nl alma-upgrade-glibc-langpack-nn alma-upgrade-glibc-langpack-nr alma-upgrade-glibc-langpack-nso alma-upgrade-glibc-langpack-oc alma-upgrade-glibc-langpack-om alma-upgrade-glibc-langpack-or alma-upgrade-glibc-langpack-os alma-upgrade-glibc-langpack-pa alma-upgrade-glibc-langpack-pap alma-upgrade-glibc-langpack-pl alma-upgrade-glibc-langpack-ps alma-upgrade-glibc-langpack-pt alma-upgrade-glibc-langpack-quz alma-upgrade-glibc-langpack-raj alma-upgrade-glibc-langpack-ro alma-upgrade-glibc-langpack-ru alma-upgrade-glibc-langpack-rw alma-upgrade-glibc-langpack-sa alma-upgrade-glibc-langpack-sah alma-upgrade-glibc-langpack-sat alma-upgrade-glibc-langpack-sc alma-upgrade-glibc-langpack-sd alma-upgrade-glibc-langpack-se alma-upgrade-glibc-langpack-sgs alma-upgrade-glibc-langpack-shn alma-upgrade-glibc-langpack-shs alma-upgrade-glibc-langpack-si alma-upgrade-glibc-langpack-sid alma-upgrade-glibc-langpack-sk alma-upgrade-glibc-langpack-sl alma-upgrade-glibc-langpack-sm alma-upgrade-glibc-langpack-so alma-upgrade-glibc-langpack-sq alma-upgrade-glibc-langpack-sr alma-upgrade-glibc-langpack-ss alma-upgrade-glibc-langpack-st alma-upgrade-glibc-langpack-sv alma-upgrade-glibc-langpack-sw alma-upgrade-glibc-langpack-szl alma-upgrade-glibc-langpack-ta alma-upgrade-glibc-langpack-tcy alma-upgrade-glibc-langpack-te alma-upgrade-glibc-langpack-tg alma-upgrade-glibc-langpack-th alma-upgrade-glibc-langpack-the alma-upgrade-glibc-langpack-ti alma-upgrade-glibc-langpack-tig alma-upgrade-glibc-langpack-tk alma-upgrade-glibc-langpack-tl alma-upgrade-glibc-langpack-tn alma-upgrade-glibc-langpack-to alma-upgrade-glibc-langpack-tpi alma-upgrade-glibc-langpack-tr alma-upgrade-glibc-langpack-ts alma-upgrade-glibc-langpack-tt alma-upgrade-glibc-langpack-ug alma-upgrade-glibc-langpack-uk alma-upgrade-glibc-langpack-unm alma-upgrade-glibc-langpack-ur alma-upgrade-glibc-langpack-uz alma-upgrade-glibc-langpack-ve alma-upgrade-glibc-langpack-vi alma-upgrade-glibc-langpack-wa alma-upgrade-glibc-langpack-wae alma-upgrade-glibc-langpack-wal alma-upgrade-glibc-langpack-wo alma-upgrade-glibc-langpack-xh alma-upgrade-glibc-langpack-yi alma-upgrade-glibc-langpack-yo alma-upgrade-glibc-langpack-yue alma-upgrade-glibc-langpack-yuw alma-upgrade-glibc-langpack-zh alma-upgrade-glibc-langpack-zu alma-upgrade-glibc-locale-source alma-upgrade-glibc-minimal-langpack alma-upgrade-glibc-nss-devel alma-upgrade-glibc-static alma-upgrade-glibc-utils alma-upgrade-libnsl alma-upgrade-nscd alma-upgrade-nss_db alma-upgrade-nss_hesiod References https://attackerkb.com/topics/cve-2023-4527 CVE - 2023-4527 https://errata.almalinux.org/8/ALSA-2023-5455.html https://errata.almalinux.org/9/ALSA-2023-5453.html

Ubuntu: (Multiple Advisories) (CVE-2023-3341): Bind vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/20/2023 Created 09/21/2023 Added 09/21/2023 Modified 01/30/2025 Description The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1. Solution(s) ubuntu-pro-upgrade-bind9 ubuntu-pro-upgrade-libbind9-140 ubuntu-pro-upgrade-libbind9-160 ubuntu-pro-upgrade-libbind9-90 References https://attackerkb.com/topics/cve-2023-3341 CVE - 2023-3341 USN-6390-1 USN-6421-1

Rocky Linux: CVE-2023-0118: Satellite-6.14 (RLSA-2023-6818) Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 09/20/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system. Solution(s) rocky-upgrade-libdb-cxx rocky-upgrade-libdb-cxx-debuginfo rocky-upgrade-libdb-debuginfo rocky-upgrade-libdb-debugsource rocky-upgrade-libdb-sql-debuginfo rocky-upgrade-libdb-sql-devel-debuginfo rocky-upgrade-libdb-utils-debuginfo References https://attackerkb.com/topics/cve-2023-0118 CVE - 2023-0118 https://errata.rockylinux.org/RLSA-2023:6818

Debian: CVE-2023-42464: netatalk -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/20/2023 Created 09/22/2023 Added 09/22/2023 Modified 01/28/2025 Description A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the underlying protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a malicious actor may be able to fully control the value of the pointer and theoretically achieve Remote Code Execution on the host. This issue is similar to CVE-2023-34967. Solution(s) debian-upgrade-netatalk References https://attackerkb.com/topics/cve-2023-42464 CVE - 2023-42464 DSA-5503 DSA-5503-1

SUSE: CVE-2023-4504: SUSE Linux Security Advisory Severity 6 CVSS (AV:L/AC:H/Au:N/C:C/I:C/A:C) Published 09/20/2023 Created 09/21/2023 Added 09/21/2023 Modified 01/28/2025 Description Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023. Solution(s) suse-upgrade-cups suse-upgrade-cups-client suse-upgrade-cups-config suse-upgrade-cups-ddk suse-upgrade-cups-devel suse-upgrade-cups-devel-32bit suse-upgrade-cups-libs suse-upgrade-cups-libs-32bit suse-upgrade-libcups2 suse-upgrade-libcups2-32bit suse-upgrade-libcupscgi1 suse-upgrade-libcupscgi1-32bit suse-upgrade-libcupsimage2 suse-upgrade-libcupsimage2-32bit suse-upgrade-libcupsmime1 suse-upgrade-libcupsmime1-32bit suse-upgrade-libcupsppdc1 suse-upgrade-libcupsppdc1-32bit References https://attackerkb.com/topics/cve-2023-4504 CVE - 2023-4504

Huawei EulerOS: CVE-2019-19450: python-reportlab security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/20/2023 Created 10/09/2024 Added 10/08/2024 Modified 01/30/2025 Description paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626. Solution(s) huawei-euleros-2_0_sp5-upgrade-python-reportlab References https://attackerkb.com/topics/cve-2019-19450 CVE - 2019-19450 EulerOS-SA-2024-2075

Amazon Linux AMI 2: CVE-2023-40167: Security patch for jetty (ALAS-2024-2460) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 09/15/2023 Created 02/22/2024 Added 02/21/2024 Modified 01/28/2025 Description Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header field.This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses.There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. Versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1 contain a patch for this issue. There is no workaround as there is no known exploit scenario. Solution(s) amazon-linux-ami-2-upgrade-jetty-annotations amazon-linux-ami-2-upgrade-jetty-ant amazon-linux-ami-2-upgrade-jetty-client amazon-linux-ami-2-upgrade-jetty-continuation amazon-linux-ami-2-upgrade-jetty-deploy amazon-linux-ami-2-upgrade-jetty-http amazon-linux-ami-2-upgrade-jetty-io amazon-linux-ami-2-upgrade-jetty-jaas amazon-linux-ami-2-upgrade-jetty-jaspi amazon-linux-ami-2-upgrade-jetty-javadoc amazon-linux-ami-2-upgrade-jetty-jmx amazon-linux-ami-2-upgrade-jetty-jndi amazon-linux-ami-2-upgrade-jetty-jsp amazon-linux-ami-2-upgrade-jetty-jspc-maven-plugin amazon-linux-ami-2-upgrade-jetty-maven-plugin amazon-linux-ami-2-upgrade-jetty-monitor amazon-linux-ami-2-upgrade-jetty-plus amazon-linux-ami-2-upgrade-jetty-project amazon-linux-ami-2-upgrade-jetty-proxy amazon-linux-ami-2-upgrade-jetty-rewrite amazon-linux-ami-2-upgrade-jetty-runner amazon-linux-ami-2-upgrade-jetty-security amazon-linux-ami-2-upgrade-jetty-server amazon-linux-ami-2-upgrade-jetty-servlet amazon-linux-ami-2-upgrade-jetty-servlets amazon-linux-ami-2-upgrade-jetty-start amazon-linux-ami-2-upgrade-jetty-util amazon-linux-ami-2-upgrade-jetty-util-ajax amazon-linux-ami-2-upgrade-jetty-webapp amazon-linux-ami-2-upgrade-jetty-websocket-api amazon-linux-ami-2-upgrade-jetty-websocket-client amazon-linux-ami-2-upgrade-jetty-websocket-common amazon-linux-ami-2-upgrade-jetty-websocket-parent amazon-linux-ami-2-upgrade-jetty-websocket-server amazon-linux-ami-2-upgrade-jetty-websocket-servlet amazon-linux-ami-2-upgrade-jetty-xml References https://attackerkb.com/topics/cve-2023-40167 AL2/ALAS-2024-2460 CVE - 2023-40167

Amazon Linux AMI 2: CVE-2023-38039: Security patch for curl (ALAS-2023-2271) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/15/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/28/2025 Description When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory. Solution(s) amazon-linux-ami-2-upgrade-curl amazon-linux-ami-2-upgrade-curl-debuginfo amazon-linux-ami-2-upgrade-libcurl amazon-linux-ami-2-upgrade-libcurl-devel References https://attackerkb.com/topics/cve-2023-38039 AL2/ALAS-2023-2271 CVE - 2023-38039

FreeBSD: VID-B5508C08-547A-11EE-85EB-84A93843EB75: Roundcube -- XSS vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/15/2023 Created 09/18/2023 Added 09/16/2023 Modified 09/16/2023 Description The Roundcube webmail project reports: cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages Solution(s) freebsd-upgrade-package-roundcube

OS X update for AppleEvents (CVE-2023-38039) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/15/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleGraphicsControl (CVE-2023-38039) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/15/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)