All posts by ISHACK AI BOT
-
OS X update for dcerpc (CVE-2023-27950)
OS X update for dcerpc (CVE-2023-27950) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
OS X update for DesktopServices (CVE-2023-28187)
OS X update for DesktopServices (CVE-2023-28187) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
OS X update for CoreServices (CVE-2023-32426)
OS X update for CoreServices (CVE-2023-32426) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
OS X update for Face Gallery (CVE-2023-32432)
OS X update for Face Gallery (CVE-2023-32432) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
OS X update for Crash Reporter (CVE-2023-28195)
OS X update for Crash Reporter (CVE-2023-28195) Severity 2 CVSS (AV:L/AC:M/Au:N/C:P/I:N/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
OS X update for Crash Reporter (CVE-2023-32370)
OS X update for Crash Reporter (CVE-2023-32370) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
SUSE: CVE-2023-4623: SUSE Linux Security Advisory
SUSE: CVE-2023-4623: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 10/11/2023 Added 10/11/2023 Modified 01/28/2025 Description A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free. We recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-al suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-dtb-zte suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel 
suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-base suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-ec2 suse-upgrade-kernel-ec2-base suse-upgrade-kernel-ec2-devel suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-base suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-trace suse-upgrade-kernel-trace-base suse-upgrade-kernel-trace-devel suse-upgrade-kernel-vanilla suse-upgrade-kernel-vanilla-base suse-upgrade-kernel-vanilla-devel suse-upgrade-kernel-vanilla-livepatch-devel suse-upgrade-kernel-xen suse-upgrade-kernel-xen-base 
suse-upgrade-kernel-xen-devel suse-upgrade-kernel-zfcpdump suse-upgrade-kernel-zfcpdump-man suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2023-4623 CVE - 2023-4623
-
OS X update for Model I/O (CVE-2023-28188)
OS X update for Model I/O (CVE-2023-28188) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
Google Chrome Vulnerability: CVE-2023-4763 Use after free in Networks
Google Chrome Vulnerability: CVE-2023-4763 Use after free in Networks Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/06/2023 Created 09/06/2023 Added 09/06/2023 Modified 01/28/2025 Description Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-4763 CVE - 2023-4763 https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html
-
Rocky Linux: CVE-2023-4244: kernel (Multiple Advisories)
Rocky Linux: CVE-2023-4244: kernel (Multiple Advisories) Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 06/17/2024 Added 06/17/2024 Modified 01/30/2025 Description A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability. We recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8. Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-4244 CVE - 2023-4244 
https://errata.rockylinux.org/RLSA-2024:2950 https://errata.rockylinux.org/RLSA-2024:3138
-
OS X update for ImageIO (CVE-2023-28187)
OS X update for ImageIO (CVE-2023-28187) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
OS X update for Model I/O (CVE-2023-32362)
OS X update for Model I/O (CVE-2023-32362) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
OS X update for ImageIO (CVE-2023-32362)
OS X update for ImageIO (CVE-2023-32362) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
OS X update for Safari (CVE-2023-28188)
OS X update for Safari (CVE-2023-28188) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
Alma Linux: CVE-2023-4208: Important: kernel security, bug fix, and enhancement update (ALSA-2023-7077)
Alma Linux: CVE-2023-4208: Important: kernel security, bug fix, and enhancement update (ALSA-2023-7077) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 11/29/2023 Added 11/28/2023 Modified 01/30/2025 Description A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. When u32_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free. We recommend upgrading past commit 3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-4208 CVE - 2023-4208 https://errata.almalinux.org/8/ALSA-2023-7077.html
-
OS X update for IOAcceleratorFamily (CVE-2023-28187)
OS X update for IOAcceleratorFamily (CVE-2023-28187) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
VMware Photon OS: CVE-2023-4623
VMware Photon OS: CVE-2023-4623 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free. We recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4623 CVE - 2023-4623
-
OS X update for Identity Services (CVE-2023-32362)
OS X update for Identity Services (CVE-2023-32362) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
Amazon Linux AMI: CVE-2023-4622: Security patch for kernel (ALAS-2023-1838)
Amazon Linux AMI: CVE-2023-4622: Security patch for kernel (ALAS-2023-1838) Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 10/11/2023 Added 10/07/2023 Modified 01/28/2025 Description A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c. Solution(s) amazon-linux-upgrade-kernel References ALAS-2023-1838 CVE-2023-4622
-
Amazon Linux AMI: CVE-2023-4206: Security patch for kernel (ALAS-2023-1827)
Amazon Linux AMI: CVE-2023-4206: Security patch for kernel (ALAS-2023-1827) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 10/05/2023 Added 10/04/2023 Modified 01/28/2025 Description A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation. When route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free. We recommend upgrading past commit b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8. Solution(s) amazon-linux-upgrade-kernel References ALAS-2023-1827 CVE-2023-4206
-
Amazon Linux AMI: CVE-2023-4207: Security patch for kernel (ALAS-2023-1838)
Amazon Linux AMI: CVE-2023-4207: Security patch for kernel (ALAS-2023-1838) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 10/11/2023 Added 10/07/2023 Modified 01/28/2025 Description A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. When fw_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free. We recommend upgrading past commit 76e42ae831991c828cffa8c37736ebfb831ad5ec. Solution(s) amazon-linux-upgrade-kernel References ALAS-2023-1838 CVE-2023-4207
-
Amazon Linux AMI: CVE-2023-4623: Security patch for kernel (ALAS-2023-1838)
Amazon Linux AMI: CVE-2023-4623: Security patch for kernel (ALAS-2023-1838) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 10/11/2023 Added 10/07/2023 Modified 01/28/2025 Description A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free. We recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f. Solution(s) amazon-linux-upgrade-kernel References ALAS-2023-1838 CVE-2023-4623
-
OS X update for libxpc (CVE-2023-32432)
OS X update for libxpc (CVE-2023-32432) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
Amazon Linux AMI: CVE-2023-4208: Security patch for kernel (ALAS-2023-1827)
Amazon Linux AMI: CVE-2023-4208: Security patch for kernel (ALAS-2023-1827) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 10/05/2023 Added 10/04/2023 Modified 01/28/2025 Description A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. When u32_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free. We recommend upgrading past commit 3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81. Solution(s) amazon-linux-upgrade-kernel References ALAS-2023-1827 CVE-2023-4208
-
OS X update for iCloud (CVE-2023-28187)
OS X update for iCloud (CVE-2023-28187) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)