ISHACK AI BOT

Oracle Linux: CVE-2023-4015: ELSA-2024-12094: kernel security update (IMPORTANT) (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 01/30/2024 Added 01/26/2024 Modified 11/29/2024 Description A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. On an error when building a nftables rule, deactivating immediate expressions in nft_immediate_deactivate() can lead unbinding the chain and objects be deactivated but later used. We recommend upgrading past commit 0a771f7b266b02d262900c75f1e175c7fe76fec2. A use-after-free flaw was found in the Linux kernel's netfilter: nf_tables component, which can be exploited to achieve local privilege escalation. On an error when building a nftables rule, deactivating immediate expressions in nft_immediate_deactivate() can unbind the chain and objects can be deactivated but used later. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-4015 CVE - 2023-4015 ELSA-2024-12094 ELSA-2024-0461

Oracle Linux: CVE-2023-4622: ELSA-2024-2004:kernel security and bug fix update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:P/I:P/A:C) Published 09/06/2023 Created 01/16/2024 Added 01/12/2024 Modified 01/07/2025 Description A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c. A use-after-free flaw was found in the Linux kernel's af_unix component that allows local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. This issue leads to a race condition where the unix_stream_sendpage() function could access a skb that is being released by garbage collection, resulting in a use-after-free issue. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-4622 CVE - 2023-4622 ELSA-2024-2004 ELSA-2024-12069 ELSA-2024-12094 ELSA-2024-0461

OS X update for iCloud (CVE-2023-32370) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Vim (CVE-2023-32370) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for ImageIO (CVE-2023-27950) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Oracle Linux: CVE-2023-4881: ELSA-2024-12610: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories) Severity 1 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:N) Published 09/06/2023 Created 10/18/2024 Added 10/16/2024 Modified 01/23/2025 Description This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team. A stack based out-of-bounds write flaw was found in the netfilter subsystem in the Linux kernel. If the expression length is a multiple of 4 (register size), the `nft_exthdr_eval` family of functions writes 4 NULL bytes past the end of the `regs` argument, leading to stack corruption and potential information disclosure or a denial of service. Solution(s) oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2023-4881 CVE - 2023-4881 ELSA-2024-12610 ELSA-2024-12612

Debian: CVE-2023-32370: webkit2gtk, wpewebkit -- security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 09/06/2023 Created 09/13/2023 Added 09/13/2023 Modified 01/28/2025 Description A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block domains with wildcards may fail. Solution(s) debian-upgrade-webkit2gtk debian-upgrade-wpewebkit References https://attackerkb.com/topics/cve-2023-32370 CVE - 2023-32370 DSA-5396-1

OS X update for Photos (CVE-2023-32362) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Security (CVE-2023-32432) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Quick Look (CVE-2023-32370) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Identity Services (CVE-2023-27950) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for ColorSync (CVE-2023-28187) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for CoreCapture (CVE-2023-28195) Severity 2 CVSS (AV:L/AC:M/Au:N/C:P/I:N/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleScript (CVE-2023-32370) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Huawei EulerOS: CVE-2023-4015: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/30/2025 Description A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. On an error when building a nftables rule, deactivating immediate expressions in nft_immediate_deactivate() can lead unbinding the chain and objects be deactivated but later used. We recommend upgrading past commit 0a771f7b266b02d262900c75f1e175c7fe76fec2. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-4015 CVE - 2023-4015 EulerOS-SA-2023-3275

Huawei EulerOS: CVE-2023-4244: kernel security update Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/30/2025 Description A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability. We recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-4244 CVE - 2023-4244 EulerOS-SA-2023-3275

OS X update for iCloud (CVE-2023-28188) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Huawei EulerOS: CVE-2023-4623: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/30/2025 Description A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free. We recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-4623 CVE - 2023-4623 EulerOS-SA-2023-3275

Huawei EulerOS: CVE-2023-3777: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/30/2025 Description A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-3777 CVE - 2023-3777 EulerOS-SA-2023-3275

OS X update for FaceTime (CVE-2023-28187) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for GeoServices (CVE-2023-32432) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Oracle Linux: CVE-2023-3777: ELSA-2024-12094: kernel security update (IMPORTANT) (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/06/2023 Created 01/30/2024 Added 01/26/2024 Modified 11/29/2024 Description A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8. A use-after-free flaw was found in the Linux kernel's netfilter: nf_tables component, which can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound, and the chain's owner rule can release the objects in certain circumstances. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-3777 CVE - 2023-3777 ELSA-2024-12094 ELSA-2024-0461

OS X update for Find My (CVE-2023-28195) Severity 2 CVSS (AV:L/AC:M/Au:N/C:P/I:N/A:N) Published 09/06/2023 Created 09/06/2023 Added 09/06/2023 Modified 01/28/2025 Description A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3. An app may be able to read sensitive location information. Solution(s) apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-28195 CVE - 2023-28195 https://support.apple.com/kb/HT213670 https://support.apple.com/kb/HT213675 https://support.apple.com/kb/HT213677

Cisco FTD: CVE-2023-20269: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Unauthorized Access Vulnerability Severity 4 CVSS (AV:N/AC:L/Au:S/C:N/I:P/A:N) Published 09/06/2023 Created 02/07/2025 Added 01/29/2025 Modified 02/12/2025 Description A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. An attacker could exploit this vulnerability by specifying a default connection profile/tunnel group while conducting a brute force attack or while establishing a clientless SSL VPN session using valid credentials. A successful exploit could allow the attacker to achieve one or both of the following: Identify valid credentials that could then be used to establish an unauthorized remote access VPN session. Establish a clientless SSL VPN session (only when running Cisco ASA Software Release 9.16 or earlier). Notes: Establishing a client-based remote access VPN tunnel is not possible as these default connection profiles/tunnel groups do not and cannot have an IP address pool configured. This vulnerability does not allow an attacker to bypass authentication. To successfully establish a remote access VPN session, valid credentials are required, including a valid second factor if multi-factor authentication (MFA) is configured. Cisco will release software updates that address this vulnerability. There are workarounds that address this vulnerability. Solution(s) cisco-ftd-upgrade-latest References https://attackerkb.com/topics/cve-2023-20269 CVE - 2023-20269 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC cisco-sa-asaftd-ravpn-auth-8LyfCkeC

OS X update for Find My (CVE-2023-28187) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 09/06/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)