ISHACK AI BOT

Debian: CVE-2023-4921: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/12/2023 Created 10/24/2023 Added 10/23/2023 Modified 01/30/2025 Description A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue(). We recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-4921 CVE - 2023-4921 DLA-3623-1

Microsoft CVE-2023-36796: Visual Studio Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/12/2023 Created 09/13/2023 Added 09/12/2023 Modified 12/12/2023 Description Microsoft CVE-2023-36796: Visual Studio Remote Code Execution Vulnerability Solution(s) msft-kb5029915-542716df-caf5-415e-8c9f-c38085d34259 msft-kb5029919-0e17a3d0-b8fc-4532-9c71-bc2db076cfde msft-kb5029919-84b53a65-a7f5-4a47-a0aa-42527999c1b1 msft-kb5029919-95ddc985-8460-4a29-9aa0-f709247af5a0 msft-kb5029919-fe3f6ce9-d8d5-441a-950d-346e90ab5b61 msft-kb5029920-a426c73a-7524-4c7f-a70d-85667828cd9b msft-kb5029921-3b881985-a34f-4d5a-ad13-86c323c62882 msft-kb5029921-628c531c-67ef-4610-9abe-1aebed19b278 msft-kb5029922-a41d238e-0ec3-4a3a-9774-7a50cb8c1b6a msft-kb5029923-0d6b22fb-3ac1-43ad-bc95-075d978a91d6 msft-kb5029923-2d155da6-4bb5-4a6e-9ee7-1e4df8daba37 msft-kb5029923-84573830-b6cc-474a-bc71-6621688c948a msft-kb5029923-97dd8942-1d6a-4ed4-8215-99bb804e8498 msft-kb5029925-34d51172-a980-4c94-ab76-97236f5f40e1 msft-kb5029925-3a2d3719-6f01-4e23-bea3-99cd4bb7c05c msft-kb5029925-b0e4432a-60a1-4e3c-872a-ba7012bcb442 msft-kb5029926-b08945ff-60f4-4622-8264-b63c6a6b0795 msft-kb5029928-3f086561-149b-44e8-9160-25222875a535 msft-kb5029928-416a429e-74cf-4982-ac66-cb93e0566340 msft-kb5029931-0dd59ec5-53f7-4fed-97fe-8a98982b43c3 msft-kb5029931-98a91386-2063-4fbf-ab09-71c6c8b4c2ce msft-kb5029931-f064c2b5-b2f4-4eba-a69d-c6fd93832ec8 msft-kb5029937-3f3eaa90-4538-49e1-b566-8ae52a2536e6 msft-kb5029937-7e72246e-c756-4dcc-95fa-b4f2f66df33d msft-kb5029938-7ab7a780-4264-47dd-a618-c43acf0da018 msft-kb5030160-18caa5c4-3297-4360-aa15-1892e4ba78d8 msft-kb5030213-8a70d83a-8fb5-4fec-a989-9ca8a6ebd163 msft-kb5030213-d028e1ce-791f-4d9d-b797-dba0788453c4 microsoft-windows-windows_server_2016-1607-kb5030213 msft-kb5030220-bff189a6-b562-4c86-acc5-8f50b2baf18e msft-kb5030220-ec0a57a4-61ea-425d-9135-c4ae102c1cf5 References https://attackerkb.com/topics/cve-2023-36796 CVE - 2023-36796 5029242 5029365 5029366 5029915 5029916 5029917 5029919 5029920 5029921 5029922 5029923 5029924 5029925 5029926 5029927 5029928 5029929 5029931 5029932 5029933 5029937 5029938 5030160 5030178 5030179 5030180 5030181 5030182 5030183 5030184 5030185 5030186 5030213 5030220 5030559 5030560 5031217 5032874 5032875 View more

Gentoo Linux: CVE-2023-4903: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 09/12/2023 Created 02/02/2024 Added 02/01/2024 Modified 01/28/2025 Description Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium) Solution(s) gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-4903 CVE - 2023-4903 202401-34

Microsoft CVE-2023-36794: Visual Studio Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/12/2023 Created 09/13/2023 Added 09/12/2023 Modified 12/12/2023 Description Microsoft CVE-2023-36794: Visual Studio Remote Code Execution Vulnerability Solution(s) msft-kb5029915-542716df-caf5-415e-8c9f-c38085d34259 msft-kb5029919-0e17a3d0-b8fc-4532-9c71-bc2db076cfde msft-kb5029919-84b53a65-a7f5-4a47-a0aa-42527999c1b1 msft-kb5029919-95ddc985-8460-4a29-9aa0-f709247af5a0 msft-kb5029919-fe3f6ce9-d8d5-441a-950d-346e90ab5b61 msft-kb5029920-a426c73a-7524-4c7f-a70d-85667828cd9b msft-kb5029921-3b881985-a34f-4d5a-ad13-86c323c62882 msft-kb5029921-628c531c-67ef-4610-9abe-1aebed19b278 msft-kb5029922-a41d238e-0ec3-4a3a-9774-7a50cb8c1b6a msft-kb5029923-0d6b22fb-3ac1-43ad-bc95-075d978a91d6 msft-kb5029923-2d155da6-4bb5-4a6e-9ee7-1e4df8daba37 msft-kb5029923-84573830-b6cc-474a-bc71-6621688c948a msft-kb5029923-97dd8942-1d6a-4ed4-8215-99bb804e8498 msft-kb5029925-34d51172-a980-4c94-ab76-97236f5f40e1 msft-kb5029925-3a2d3719-6f01-4e23-bea3-99cd4bb7c05c msft-kb5029925-b0e4432a-60a1-4e3c-872a-ba7012bcb442 msft-kb5029926-b08945ff-60f4-4622-8264-b63c6a6b0795 msft-kb5029928-3f086561-149b-44e8-9160-25222875a535 msft-kb5029928-416a429e-74cf-4982-ac66-cb93e0566340 msft-kb5029931-0dd59ec5-53f7-4fed-97fe-8a98982b43c3 msft-kb5029931-98a91386-2063-4fbf-ab09-71c6c8b4c2ce msft-kb5029931-f064c2b5-b2f4-4eba-a69d-c6fd93832ec8 msft-kb5029937-3f3eaa90-4538-49e1-b566-8ae52a2536e6 msft-kb5029937-7e72246e-c756-4dcc-95fa-b4f2f66df33d msft-kb5029938-7ab7a780-4264-47dd-a618-c43acf0da018 msft-kb5030160-18caa5c4-3297-4360-aa15-1892e4ba78d8 msft-kb5030213-8a70d83a-8fb5-4fec-a989-9ca8a6ebd163 msft-kb5030213-d028e1ce-791f-4d9d-b797-dba0788453c4 microsoft-windows-windows_server_2016-1607-kb5030213 msft-kb5030220-bff189a6-b562-4c86-acc5-8f50b2baf18e msft-kb5030220-ec0a57a4-61ea-425d-9135-c4ae102c1cf5 References https://attackerkb.com/topics/cve-2023-36794 CVE - 2023-36794 5029915 5029916 5029917 5029919 5029920 5029921 5029922 5029923 5029924 5029925 5029926 5029927 5029928 5029929 5029931 5029932 5029933 5029937 5029938 5030160 5030178 5030179 5030180 5030181 5030182 5030183 5030184 5030185 5030186 5030213 5030220 5030559 5030560 5031217 5032874 5032875 View more

Gentoo Linux: CVE-2023-4908: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 09/12/2023 Created 02/02/2024 Added 02/01/2024 Modified 01/28/2025 Description Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low) Solution(s) gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-4908 CVE - 2023-4908 202401-34

Microsoft Office: CVE-2023-36767: Microsoft Office Security Feature Bypass Vulnerability Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:P) Published 09/12/2023 Created 09/13/2023 Added 09/12/2023 Modified 01/28/2025 Description Microsoft Office: CVE-2023-36767: Microsoft Office Security Feature Bypass Vulnerability Solution(s) microsoft-office_2016-kb5002457 office-click-to-run-upgrade-latest References https://attackerkb.com/topics/cve-2023-36767 CVE - 2023-36767 https://support.microsoft.com/help/5002457

Oracle Linux: CVE-2023-4527: ELSA-2023-5453:glibc security update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:N/AC:H/Au:N/C:P/I:N/A:C) Published 09/12/2023 Created 10/11/2023 Added 10/10/2023 Modified 12/05/2024 Description A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash. Solution(s) oracle-linux-upgrade-compat-libpthread-nonshared oracle-linux-upgrade-glibc oracle-linux-upgrade-glibc-all-langpacks oracle-linux-upgrade-glibc-benchtests oracle-linux-upgrade-glibc-common oracle-linux-upgrade-glibc-devel oracle-linux-upgrade-glibc-doc oracle-linux-upgrade-glibc-gconv-extra oracle-linux-upgrade-glibc-headers oracle-linux-upgrade-glibc-langpack-aa oracle-linux-upgrade-glibc-langpack-af oracle-linux-upgrade-glibc-langpack-agr oracle-linux-upgrade-glibc-langpack-ak oracle-linux-upgrade-glibc-langpack-am oracle-linux-upgrade-glibc-langpack-an oracle-linux-upgrade-glibc-langpack-anp oracle-linux-upgrade-glibc-langpack-ar oracle-linux-upgrade-glibc-langpack-as oracle-linux-upgrade-glibc-langpack-ast oracle-linux-upgrade-glibc-langpack-ayc oracle-linux-upgrade-glibc-langpack-az oracle-linux-upgrade-glibc-langpack-be oracle-linux-upgrade-glibc-langpack-bem oracle-linux-upgrade-glibc-langpack-ber oracle-linux-upgrade-glibc-langpack-bg oracle-linux-upgrade-glibc-langpack-bhb oracle-linux-upgrade-glibc-langpack-bho oracle-linux-upgrade-glibc-langpack-bi oracle-linux-upgrade-glibc-langpack-bn oracle-linux-upgrade-glibc-langpack-bo oracle-linux-upgrade-glibc-langpack-br oracle-linux-upgrade-glibc-langpack-brx oracle-linux-upgrade-glibc-langpack-bs oracle-linux-upgrade-glibc-langpack-byn oracle-linux-upgrade-glibc-langpack-ca oracle-linux-upgrade-glibc-langpack-ce oracle-linux-upgrade-glibc-langpack-chr oracle-linux-upgrade-glibc-langpack-cmn oracle-linux-upgrade-glibc-langpack-crh oracle-linux-upgrade-glibc-langpack-cs oracle-linux-upgrade-glibc-langpack-csb oracle-linux-upgrade-glibc-langpack-cv oracle-linux-upgrade-glibc-langpack-cy oracle-linux-upgrade-glibc-langpack-da oracle-linux-upgrade-glibc-langpack-de oracle-linux-upgrade-glibc-langpack-doi oracle-linux-upgrade-glibc-langpack-dsb oracle-linux-upgrade-glibc-langpack-dv oracle-linux-upgrade-glibc-langpack-dz oracle-linux-upgrade-glibc-langpack-el oracle-linux-upgrade-glibc-langpack-en oracle-linux-upgrade-glibc-langpack-eo oracle-linux-upgrade-glibc-langpack-es oracle-linux-upgrade-glibc-langpack-et oracle-linux-upgrade-glibc-langpack-eu oracle-linux-upgrade-glibc-langpack-fa oracle-linux-upgrade-glibc-langpack-ff oracle-linux-upgrade-glibc-langpack-fi oracle-linux-upgrade-glibc-langpack-fil oracle-linux-upgrade-glibc-langpack-fo oracle-linux-upgrade-glibc-langpack-fr oracle-linux-upgrade-glibc-langpack-fur oracle-linux-upgrade-glibc-langpack-fy oracle-linux-upgrade-glibc-langpack-ga oracle-linux-upgrade-glibc-langpack-gd oracle-linux-upgrade-glibc-langpack-gez oracle-linux-upgrade-glibc-langpack-gl oracle-linux-upgrade-glibc-langpack-gu oracle-linux-upgrade-glibc-langpack-gv oracle-linux-upgrade-glibc-langpack-ha oracle-linux-upgrade-glibc-langpack-hak oracle-linux-upgrade-glibc-langpack-he oracle-linux-upgrade-glibc-langpack-hi oracle-linux-upgrade-glibc-langpack-hif oracle-linux-upgrade-glibc-langpack-hne oracle-linux-upgrade-glibc-langpack-hr oracle-linux-upgrade-glibc-langpack-hsb oracle-linux-upgrade-glibc-langpack-ht oracle-linux-upgrade-glibc-langpack-hu oracle-linux-upgrade-glibc-langpack-hy oracle-linux-upgrade-glibc-langpack-ia oracle-linux-upgrade-glibc-langpack-id oracle-linux-upgrade-glibc-langpack-ig oracle-linux-upgrade-glibc-langpack-ik oracle-linux-upgrade-glibc-langpack-is oracle-linux-upgrade-glibc-langpack-it oracle-linux-upgrade-glibc-langpack-iu oracle-linux-upgrade-glibc-langpack-ja oracle-linux-upgrade-glibc-langpack-ka oracle-linux-upgrade-glibc-langpack-kab oracle-linux-upgrade-glibc-langpack-kk oracle-linux-upgrade-glibc-langpack-kl oracle-linux-upgrade-glibc-langpack-km oracle-linux-upgrade-glibc-langpack-kn oracle-linux-upgrade-glibc-langpack-ko oracle-linux-upgrade-glibc-langpack-kok oracle-linux-upgrade-glibc-langpack-ks oracle-linux-upgrade-glibc-langpack-ku oracle-linux-upgrade-glibc-langpack-kw oracle-linux-upgrade-glibc-langpack-ky oracle-linux-upgrade-glibc-langpack-lb oracle-linux-upgrade-glibc-langpack-lg oracle-linux-upgrade-glibc-langpack-li oracle-linux-upgrade-glibc-langpack-lij oracle-linux-upgrade-glibc-langpack-ln oracle-linux-upgrade-glibc-langpack-lo oracle-linux-upgrade-glibc-langpack-lt oracle-linux-upgrade-glibc-langpack-lv oracle-linux-upgrade-glibc-langpack-lzh oracle-linux-upgrade-glibc-langpack-mag oracle-linux-upgrade-glibc-langpack-mai oracle-linux-upgrade-glibc-langpack-mfe oracle-linux-upgrade-glibc-langpack-mg oracle-linux-upgrade-glibc-langpack-mhr oracle-linux-upgrade-glibc-langpack-mi oracle-linux-upgrade-glibc-langpack-miq oracle-linux-upgrade-glibc-langpack-mjw oracle-linux-upgrade-glibc-langpack-mk oracle-linux-upgrade-glibc-langpack-ml oracle-linux-upgrade-glibc-langpack-mn oracle-linux-upgrade-glibc-langpack-mni oracle-linux-upgrade-glibc-langpack-mr oracle-linux-upgrade-glibc-langpack-ms oracle-linux-upgrade-glibc-langpack-mt oracle-linux-upgrade-glibc-langpack-my oracle-linux-upgrade-glibc-langpack-nan oracle-linux-upgrade-glibc-langpack-nb oracle-linux-upgrade-glibc-langpack-nds oracle-linux-upgrade-glibc-langpack-ne oracle-linux-upgrade-glibc-langpack-nhn oracle-linux-upgrade-glibc-langpack-niu oracle-linux-upgrade-glibc-langpack-nl oracle-linux-upgrade-glibc-langpack-nn oracle-linux-upgrade-glibc-langpack-nr oracle-linux-upgrade-glibc-langpack-nso oracle-linux-upgrade-glibc-langpack-oc oracle-linux-upgrade-glibc-langpack-om oracle-linux-upgrade-glibc-langpack-or oracle-linux-upgrade-glibc-langpack-os oracle-linux-upgrade-glibc-langpack-pa oracle-linux-upgrade-glibc-langpack-pap oracle-linux-upgrade-glibc-langpack-pl oracle-linux-upgrade-glibc-langpack-ps oracle-linux-upgrade-glibc-langpack-pt oracle-linux-upgrade-glibc-langpack-quz oracle-linux-upgrade-glibc-langpack-raj oracle-linux-upgrade-glibc-langpack-ro oracle-linux-upgrade-glibc-langpack-ru oracle-linux-upgrade-glibc-langpack-rw oracle-linux-upgrade-glibc-langpack-sa oracle-linux-upgrade-glibc-langpack-sah oracle-linux-upgrade-glibc-langpack-sat oracle-linux-upgrade-glibc-langpack-sc oracle-linux-upgrade-glibc-langpack-sd oracle-linux-upgrade-glibc-langpack-se oracle-linux-upgrade-glibc-langpack-sgs oracle-linux-upgrade-glibc-langpack-shn oracle-linux-upgrade-glibc-langpack-shs oracle-linux-upgrade-glibc-langpack-si oracle-linux-upgrade-glibc-langpack-sid oracle-linux-upgrade-glibc-langpack-sk oracle-linux-upgrade-glibc-langpack-sl oracle-linux-upgrade-glibc-langpack-sm oracle-linux-upgrade-glibc-langpack-so oracle-linux-upgrade-glibc-langpack-sq oracle-linux-upgrade-glibc-langpack-sr oracle-linux-upgrade-glibc-langpack-ss oracle-linux-upgrade-glibc-langpack-st oracle-linux-upgrade-glibc-langpack-sv oracle-linux-upgrade-glibc-langpack-sw oracle-linux-upgrade-glibc-langpack-szl oracle-linux-upgrade-glibc-langpack-ta oracle-linux-upgrade-glibc-langpack-tcy oracle-linux-upgrade-glibc-langpack-te oracle-linux-upgrade-glibc-langpack-tg oracle-linux-upgrade-glibc-langpack-th oracle-linux-upgrade-glibc-langpack-the oracle-linux-upgrade-glibc-langpack-ti oracle-linux-upgrade-glibc-langpack-tig oracle-linux-upgrade-glibc-langpack-tk oracle-linux-upgrade-glibc-langpack-tl oracle-linux-upgrade-glibc-langpack-tn oracle-linux-upgrade-glibc-langpack-to oracle-linux-upgrade-glibc-langpack-tpi oracle-linux-upgrade-glibc-langpack-tr oracle-linux-upgrade-glibc-langpack-ts oracle-linux-upgrade-glibc-langpack-tt oracle-linux-upgrade-glibc-langpack-ug oracle-linux-upgrade-glibc-langpack-uk oracle-linux-upgrade-glibc-langpack-unm oracle-linux-upgrade-glibc-langpack-ur oracle-linux-upgrade-glibc-langpack-uz oracle-linux-upgrade-glibc-langpack-ve oracle-linux-upgrade-glibc-langpack-vi oracle-linux-upgrade-glibc-langpack-wa oracle-linux-upgrade-glibc-langpack-wae oracle-linux-upgrade-glibc-langpack-wal oracle-linux-upgrade-glibc-langpack-wo oracle-linux-upgrade-glibc-langpack-xh oracle-linux-upgrade-glibc-langpack-yi oracle-linux-upgrade-glibc-langpack-yo oracle-linux-upgrade-glibc-langpack-yue oracle-linux-upgrade-glibc-langpack-yuw oracle-linux-upgrade-glibc-langpack-zh oracle-linux-upgrade-glibc-langpack-zu oracle-linux-upgrade-glibc-locale-source oracle-linux-upgrade-glibc-minimal-langpack oracle-linux-upgrade-glibc-nss-devel oracle-linux-upgrade-glibc-static oracle-linux-upgrade-glibc-utils oracle-linux-upgrade-libnsl oracle-linux-upgrade-nscd oracle-linux-upgrade-nss-db oracle-linux-upgrade-nss-hesiod References https://attackerkb.com/topics/cve-2023-4527 CVE - 2023-4527 ELSA-2023-5453 ELSA-2023-12873 ELSA-2023-5455 ELSA-2023-12872

Rocky Linux: CVE-2023-0119: Satellite-6.14 (RLSA-2023-6818) Severity 5 CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:N) Published 09/12/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/30/2025 Description A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, and obtain user credentials. Solution(s) rocky-upgrade-libdb-cxx rocky-upgrade-libdb-cxx-debuginfo rocky-upgrade-libdb-debuginfo rocky-upgrade-libdb-debugsource rocky-upgrade-libdb-sql-debuginfo rocky-upgrade-libdb-sql-devel-debuginfo rocky-upgrade-libdb-utils-debuginfo References https://attackerkb.com/topics/cve-2023-0119 CVE - 2023-0119 https://errata.rockylinux.org/RLSA-2023:6818

VMware Photon OS: CVE-2023-4905 Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 09/12/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium) Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4905 CVE - 2023-4905

VMware Photon OS: CVE-2023-4909 Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 09/12/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Inappropriate implementation in Interstitials in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low) Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4909 CVE - 2023-4909

MFSA2023-40 Firefox: Security Vulnerability fixed in Firefox 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1, and Thunderbird 115.2.2 (CVE-2023-4863) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/12/2023 Created 09/14/2023 Added 09/14/2023 Modified 01/28/2025 Description Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) Solution(s) mozilla-firefox-esr-upgrade-102_15_1 mozilla-firefox-esr-upgrade-115_2_1 mozilla-firefox-upgrade-117_0_1 References https://attackerkb.com/topics/cve-2023-4863 CVE - 2023-4863 http://www.mozilla.org/security/announce/2023/mfsa2023-40.html

Ubuntu: (Multiple Advisories) (CVE-2023-4813): GNU C Library vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/12/2023 Created 12/09/2023 Added 12/08/2023 Modified 01/28/2025 Description A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. Solution(s) ubuntu-pro-upgrade-libc-bin ubuntu-pro-upgrade-libc6 References https://attackerkb.com/topics/cve-2023-4813 CVE - 2023-4813 USN-6541-1 USN-6541-2

VMware Photon OS: CVE-2023-4863 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/12/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4863 CVE - 2023-4863

Microsoft Edge Chromium: CVE-2023-4901 Inappropriate implementation in Prompts Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 09/12/2023 Created 09/18/2023 Added 09/16/2023 Modified 01/28/2025 Description Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-4901 CVE - 2023-4901 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4901

Ubuntu: (Multiple Advisories) (CVE-2023-4863): Firefox vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/12/2023 Created 09/18/2023 Added 09/18/2023 Modified 01/28/2025 Description Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) Solution(s) ubuntu-pro-upgrade-firefox ubuntu-pro-upgrade-libwebp6 ubuntu-pro-upgrade-libwebp7 ubuntu-pro-upgrade-libwebpdemux2 ubuntu-pro-upgrade-libwebpmux3 ubuntu-pro-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-4863 CVE - 2023-4863 USN-6367-1 USN-6368-1 USN-6369-1 USN-6369-2

VMware Photon OS: CVE-2023-4902 Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 09/12/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium) Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4902 CVE - 2023-4902

Amazon Linux AMI: CVE-2023-4921: Security patch for kernel (ALAS-2023-1838) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/12/2023 Created 10/11/2023 Added 10/07/2023 Modified 01/28/2025 Description A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue(). We recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8. Solution(s) amazon-linux-upgrade-kernel References ALAS-2023-1838 CVE-2023-4921

Gentoo Linux: CVE-2023-4902: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 09/12/2023 Created 02/02/2024 Added 02/01/2024 Modified 01/28/2025 Description Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium) Solution(s) gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-4902 CVE - 2023-4902 202401-34

Alma Linux: CVE-2023-4813: Important: glibc security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/12/2023 Created 10/11/2023 Added 10/10/2023 Modified 01/28/2025 Description A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. Solution(s) alma-upgrade-compat-libpthread-nonshared alma-upgrade-glibc alma-upgrade-glibc-all-langpacks alma-upgrade-glibc-benchtests alma-upgrade-glibc-common alma-upgrade-glibc-devel alma-upgrade-glibc-doc alma-upgrade-glibc-gconv-extra alma-upgrade-glibc-headers alma-upgrade-glibc-langpack-aa alma-upgrade-glibc-langpack-af alma-upgrade-glibc-langpack-agr alma-upgrade-glibc-langpack-ak alma-upgrade-glibc-langpack-am alma-upgrade-glibc-langpack-an alma-upgrade-glibc-langpack-anp alma-upgrade-glibc-langpack-ar alma-upgrade-glibc-langpack-as alma-upgrade-glibc-langpack-ast alma-upgrade-glibc-langpack-ayc alma-upgrade-glibc-langpack-az alma-upgrade-glibc-langpack-be alma-upgrade-glibc-langpack-bem alma-upgrade-glibc-langpack-ber alma-upgrade-glibc-langpack-bg alma-upgrade-glibc-langpack-bhb alma-upgrade-glibc-langpack-bho alma-upgrade-glibc-langpack-bi alma-upgrade-glibc-langpack-bn alma-upgrade-glibc-langpack-bo alma-upgrade-glibc-langpack-br alma-upgrade-glibc-langpack-brx alma-upgrade-glibc-langpack-bs alma-upgrade-glibc-langpack-byn alma-upgrade-glibc-langpack-ca alma-upgrade-glibc-langpack-ce alma-upgrade-glibc-langpack-chr alma-upgrade-glibc-langpack-ckb alma-upgrade-glibc-langpack-cmn alma-upgrade-glibc-langpack-crh alma-upgrade-glibc-langpack-cs alma-upgrade-glibc-langpack-csb alma-upgrade-glibc-langpack-cv alma-upgrade-glibc-langpack-cy alma-upgrade-glibc-langpack-da alma-upgrade-glibc-langpack-de alma-upgrade-glibc-langpack-doi alma-upgrade-glibc-langpack-dsb alma-upgrade-glibc-langpack-dv alma-upgrade-glibc-langpack-dz alma-upgrade-glibc-langpack-el alma-upgrade-glibc-langpack-en alma-upgrade-glibc-langpack-eo alma-upgrade-glibc-langpack-es alma-upgrade-glibc-langpack-et alma-upgrade-glibc-langpack-eu alma-upgrade-glibc-langpack-fa alma-upgrade-glibc-langpack-ff alma-upgrade-glibc-langpack-fi alma-upgrade-glibc-langpack-fil alma-upgrade-glibc-langpack-fo alma-upgrade-glibc-langpack-fr alma-upgrade-glibc-langpack-fur alma-upgrade-glibc-langpack-fy alma-upgrade-glibc-langpack-ga alma-upgrade-glibc-langpack-gd alma-upgrade-glibc-langpack-gez alma-upgrade-glibc-langpack-gl alma-upgrade-glibc-langpack-gu alma-upgrade-glibc-langpack-gv alma-upgrade-glibc-langpack-ha alma-upgrade-glibc-langpack-hak alma-upgrade-glibc-langpack-he alma-upgrade-glibc-langpack-hi alma-upgrade-glibc-langpack-hif alma-upgrade-glibc-langpack-hne alma-upgrade-glibc-langpack-hr alma-upgrade-glibc-langpack-hsb alma-upgrade-glibc-langpack-ht alma-upgrade-glibc-langpack-hu alma-upgrade-glibc-langpack-hy alma-upgrade-glibc-langpack-ia alma-upgrade-glibc-langpack-id alma-upgrade-glibc-langpack-ig alma-upgrade-glibc-langpack-ik alma-upgrade-glibc-langpack-is alma-upgrade-glibc-langpack-it alma-upgrade-glibc-langpack-iu alma-upgrade-glibc-langpack-ja alma-upgrade-glibc-langpack-ka alma-upgrade-glibc-langpack-kab alma-upgrade-glibc-langpack-kk alma-upgrade-glibc-langpack-kl alma-upgrade-glibc-langpack-km alma-upgrade-glibc-langpack-kn alma-upgrade-glibc-langpack-ko alma-upgrade-glibc-langpack-kok alma-upgrade-glibc-langpack-ks alma-upgrade-glibc-langpack-ku alma-upgrade-glibc-langpack-kw alma-upgrade-glibc-langpack-ky alma-upgrade-glibc-langpack-lb alma-upgrade-glibc-langpack-lg alma-upgrade-glibc-langpack-li alma-upgrade-glibc-langpack-lij alma-upgrade-glibc-langpack-ln alma-upgrade-glibc-langpack-lo alma-upgrade-glibc-langpack-lt alma-upgrade-glibc-langpack-lv alma-upgrade-glibc-langpack-lzh alma-upgrade-glibc-langpack-mag alma-upgrade-glibc-langpack-mai alma-upgrade-glibc-langpack-mfe alma-upgrade-glibc-langpack-mg alma-upgrade-glibc-langpack-mhr alma-upgrade-glibc-langpack-mi alma-upgrade-glibc-langpack-miq alma-upgrade-glibc-langpack-mjw alma-upgrade-glibc-langpack-mk alma-upgrade-glibc-langpack-ml alma-upgrade-glibc-langpack-mn alma-upgrade-glibc-langpack-mni alma-upgrade-glibc-langpack-mnw alma-upgrade-glibc-langpack-mr alma-upgrade-glibc-langpack-ms alma-upgrade-glibc-langpack-mt alma-upgrade-glibc-langpack-my alma-upgrade-glibc-langpack-nan alma-upgrade-glibc-langpack-nb alma-upgrade-glibc-langpack-nds alma-upgrade-glibc-langpack-ne alma-upgrade-glibc-langpack-nhn alma-upgrade-glibc-langpack-niu alma-upgrade-glibc-langpack-nl alma-upgrade-glibc-langpack-nn alma-upgrade-glibc-langpack-nr alma-upgrade-glibc-langpack-nso alma-upgrade-glibc-langpack-oc alma-upgrade-glibc-langpack-om alma-upgrade-glibc-langpack-or alma-upgrade-glibc-langpack-os alma-upgrade-glibc-langpack-pa alma-upgrade-glibc-langpack-pap alma-upgrade-glibc-langpack-pl alma-upgrade-glibc-langpack-ps alma-upgrade-glibc-langpack-pt alma-upgrade-glibc-langpack-quz alma-upgrade-glibc-langpack-raj alma-upgrade-glibc-langpack-ro alma-upgrade-glibc-langpack-ru alma-upgrade-glibc-langpack-rw alma-upgrade-glibc-langpack-sa alma-upgrade-glibc-langpack-sah alma-upgrade-glibc-langpack-sat alma-upgrade-glibc-langpack-sc alma-upgrade-glibc-langpack-sd alma-upgrade-glibc-langpack-se alma-upgrade-glibc-langpack-sgs alma-upgrade-glibc-langpack-shn alma-upgrade-glibc-langpack-shs alma-upgrade-glibc-langpack-si alma-upgrade-glibc-langpack-sid alma-upgrade-glibc-langpack-sk alma-upgrade-glibc-langpack-sl alma-upgrade-glibc-langpack-sm alma-upgrade-glibc-langpack-so alma-upgrade-glibc-langpack-sq alma-upgrade-glibc-langpack-sr alma-upgrade-glibc-langpack-ss alma-upgrade-glibc-langpack-st alma-upgrade-glibc-langpack-sv alma-upgrade-glibc-langpack-sw alma-upgrade-glibc-langpack-szl alma-upgrade-glibc-langpack-ta alma-upgrade-glibc-langpack-tcy alma-upgrade-glibc-langpack-te alma-upgrade-glibc-langpack-tg alma-upgrade-glibc-langpack-th alma-upgrade-glibc-langpack-the alma-upgrade-glibc-langpack-ti alma-upgrade-glibc-langpack-tig alma-upgrade-glibc-langpack-tk alma-upgrade-glibc-langpack-tl alma-upgrade-glibc-langpack-tn alma-upgrade-glibc-langpack-to alma-upgrade-glibc-langpack-tpi alma-upgrade-glibc-langpack-tr alma-upgrade-glibc-langpack-ts alma-upgrade-glibc-langpack-tt alma-upgrade-glibc-langpack-ug alma-upgrade-glibc-langpack-uk alma-upgrade-glibc-langpack-unm alma-upgrade-glibc-langpack-ur alma-upgrade-glibc-langpack-uz alma-upgrade-glibc-langpack-ve alma-upgrade-glibc-langpack-vi alma-upgrade-glibc-langpack-wa alma-upgrade-glibc-langpack-wae alma-upgrade-glibc-langpack-wal alma-upgrade-glibc-langpack-wo alma-upgrade-glibc-langpack-xh alma-upgrade-glibc-langpack-yi alma-upgrade-glibc-langpack-yo alma-upgrade-glibc-langpack-yue alma-upgrade-glibc-langpack-yuw alma-upgrade-glibc-langpack-zh alma-upgrade-glibc-langpack-zu alma-upgrade-glibc-locale-source alma-upgrade-glibc-minimal-langpack alma-upgrade-glibc-nss-devel alma-upgrade-glibc-static alma-upgrade-glibc-utils alma-upgrade-libnsl alma-upgrade-nscd alma-upgrade-nss_db alma-upgrade-nss_hesiod References https://attackerkb.com/topics/cve-2023-4813 CVE - 2023-4813 https://errata.almalinux.org/8/ALSA-2023-5455.html https://errata.almalinux.org/9/ALSA-2023-5453.html

Huawei EulerOS: CVE-2023-4813: glibc security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/12/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. Solution(s) huawei-euleros-2_0_sp8-upgrade-glibc huawei-euleros-2_0_sp8-upgrade-glibc-all-langpacks huawei-euleros-2_0_sp8-upgrade-glibc-common huawei-euleros-2_0_sp8-upgrade-glibc-devel huawei-euleros-2_0_sp8-upgrade-glibc-headers huawei-euleros-2_0_sp8-upgrade-glibc-langpack-aa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-af huawei-euleros-2_0_sp8-upgrade-glibc-langpack-agr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ak huawei-euleros-2_0_sp8-upgrade-glibc-langpack-am huawei-euleros-2_0_sp8-upgrade-glibc-langpack-an huawei-euleros-2_0_sp8-upgrade-glibc-langpack-anp huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ar huawei-euleros-2_0_sp8-upgrade-glibc-langpack-as huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ast huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ayc huawei-euleros-2_0_sp8-upgrade-glibc-langpack-az huawei-euleros-2_0_sp8-upgrade-glibc-langpack-be huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bem huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ber huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bg huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bhb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bho huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-br huawei-euleros-2_0_sp8-upgrade-glibc-langpack-brx huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bs huawei-euleros-2_0_sp8-upgrade-glibc-langpack-byn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ca huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ce huawei-euleros-2_0_sp8-upgrade-glibc-langpack-chr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-cmn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-crh huawei-euleros-2_0_sp8-upgrade-glibc-langpack-cs huawei-euleros-2_0_sp8-upgrade-glibc-langpack-csb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-cv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-cy huawei-euleros-2_0_sp8-upgrade-glibc-langpack-da huawei-euleros-2_0_sp8-upgrade-glibc-langpack-de huawei-euleros-2_0_sp8-upgrade-glibc-langpack-doi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-dsb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-dv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-dz huawei-euleros-2_0_sp8-upgrade-glibc-langpack-el huawei-euleros-2_0_sp8-upgrade-glibc-langpack-en huawei-euleros-2_0_sp8-upgrade-glibc-langpack-eo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-es huawei-euleros-2_0_sp8-upgrade-glibc-langpack-et huawei-euleros-2_0_sp8-upgrade-glibc-langpack-eu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ff huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fil huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fur huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fy huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ga huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gd huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gez huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ha huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hak huawei-euleros-2_0_sp8-upgrade-glibc-langpack-he huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hif huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hne huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hsb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ht huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hy huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ia huawei-euleros-2_0_sp8-upgrade-glibc-langpack-id huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ig huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ik huawei-euleros-2_0_sp8-upgrade-glibc-langpack-is huawei-euleros-2_0_sp8-upgrade-glibc-langpack-it huawei-euleros-2_0_sp8-upgrade-glibc-langpack-iu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ja huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ka huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kab huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-km huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ko huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kok huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ks huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ku huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ky huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lg huawei-euleros-2_0_sp8-upgrade-glibc-langpack-li huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lij huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ln huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lt huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lzh huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mag huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mai huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mfe huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mg huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mhr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-miq huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mjw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ml huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mni huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ms huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mt huawei-euleros-2_0_sp8-upgrade-glibc-langpack-my huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nan huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nds huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ne huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nhn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-niu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nso huawei-euleros-2_0_sp8-upgrade-glibc-langpack-oc huawei-euleros-2_0_sp8-upgrade-glibc-langpack-om huawei-euleros-2_0_sp8-upgrade-glibc-langpack-or huawei-euleros-2_0_sp8-upgrade-glibc-langpack-os huawei-euleros-2_0_sp8-upgrade-glibc-langpack-pa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-pap huawei-euleros-2_0_sp8-upgrade-glibc-langpack-pl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ps huawei-euleros-2_0_sp8-upgrade-glibc-langpack-pt huawei-euleros-2_0_sp8-upgrade-glibc-langpack-quz huawei-euleros-2_0_sp8-upgrade-glibc-langpack-raj huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ro huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ru huawei-euleros-2_0_sp8-upgrade-glibc-langpack-rw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sah huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sat huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sc huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sd huawei-euleros-2_0_sp8-upgrade-glibc-langpack-se huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sgs huawei-euleros-2_0_sp8-upgrade-glibc-langpack-shn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-shs huawei-euleros-2_0_sp8-upgrade-glibc-langpack-si huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sid huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sm huawei-euleros-2_0_sp8-upgrade-glibc-langpack-so huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sq huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ss huawei-euleros-2_0_sp8-upgrade-glibc-langpack-st huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-szl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ta huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tcy huawei-euleros-2_0_sp8-upgrade-glibc-langpack-te huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tg huawei-euleros-2_0_sp8-upgrade-glibc-langpack-th huawei-euleros-2_0_sp8-upgrade-glibc-langpack-the huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ti huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tig huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-to huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tpi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ts huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tt huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ug huawei-euleros-2_0_sp8-upgrade-glibc-langpack-uk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-unm huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ur huawei-euleros-2_0_sp8-upgrade-glibc-langpack-uz huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ve huawei-euleros-2_0_sp8-upgrade-glibc-langpack-vi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-wa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-wae huawei-euleros-2_0_sp8-upgrade-glibc-langpack-wal huawei-euleros-2_0_sp8-upgrade-glibc-langpack-wo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-xh huawei-euleros-2_0_sp8-upgrade-glibc-langpack-yi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-yo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-yue huawei-euleros-2_0_sp8-upgrade-glibc-langpack-yuw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-zh huawei-euleros-2_0_sp8-upgrade-glibc-langpack-zu huawei-euleros-2_0_sp8-upgrade-glibc-locale-source huawei-euleros-2_0_sp8-upgrade-glibc-minimal-langpack huawei-euleros-2_0_sp8-upgrade-glibc-static huawei-euleros-2_0_sp8-upgrade-glibc-utils huawei-euleros-2_0_sp8-upgrade-libnsl huawei-euleros-2_0_sp8-upgrade-nscd huawei-euleros-2_0_sp8-upgrade-nss_db huawei-euleros-2_0_sp8-upgrade-nss_hesiod References https://attackerkb.com/topics/cve-2023-4813 CVE - 2023-4813 EulerOS-SA-2024-1268

Red Hat: CVE-2023-4863: Heap buffer overflow in WebP Codec (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/12/2023 Created 09/20/2023 Added 09/19/2023 Modified 01/28/2025 Description Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-libwebp redhat-upgrade-libwebp-debuginfo redhat-upgrade-libwebp-debugsource redhat-upgrade-libwebp-devel redhat-upgrade-libwebp-java-debuginfo redhat-upgrade-libwebp-tools redhat-upgrade-libwebp-tools-debuginfo redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2023-4863 RHSA-2023:5184 RHSA-2023:5189 RHSA-2023:5191 RHSA-2023:5197 RHSA-2023:5198 RHSA-2023:5200 RHSA-2023:5201 RHSA-2023:5202 RHSA-2023:5204 RHSA-2023:5205 RHSA-2023:5214 RHSA-2023:5223 RHSA-2023:5224 RHSA-2023:5309 View more

Huawei EulerOS: CVE-2023-4813: glibc security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/12/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. Solution(s) huawei-euleros-2_0_sp9-upgrade-glibc huawei-euleros-2_0_sp9-upgrade-glibc-all-langpacks huawei-euleros-2_0_sp9-upgrade-glibc-common huawei-euleros-2_0_sp9-upgrade-glibc-debugutils huawei-euleros-2_0_sp9-upgrade-glibc-locale-source huawei-euleros-2_0_sp9-upgrade-libnsl huawei-euleros-2_0_sp9-upgrade-nscd References https://attackerkb.com/topics/cve-2023-4813 CVE - 2023-4813 EulerOS-SA-2023-3330

Huawei EulerOS: CVE-2023-4863: libwebp security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/12/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) Solution(s) huawei-euleros-2_0_sp8-upgrade-libwebp References https://attackerkb.com/topics/cve-2023-4863 CVE - 2023-4863 EulerOS-SA-2024-1280

VMware Photon OS: CVE-2023-4908 Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 09/12/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low) Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4908 CVE - 2023-4908

VMware Photon OS: CVE-2023-4904 Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 09/12/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Insufficient policy enforcement in Downloads in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download. (Chromium security severity: Medium) Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4904 CVE - 2023-4904