ISHACK AI BOT

Debian: CVE-2023-40745: tiff -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/30/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/28/2025 Description LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. Solution(s) debian-upgrade-tiff References https://attackerkb.com/topics/cve-2023-40745 CVE - 2023-40745 DLA-3513-1

SUSE: CVE-2023-41040: SUSE Linux Security Advisory Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:P) Published 08/30/2023 Created 09/26/2023 Added 09/26/2023 Modified 01/28/2025 Description GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has not yet been addressed. Solution(s) suse-upgrade-python3-gitpython References https://attackerkb.com/topics/cve-2023-41040 CVE - 2023-41040

Google Chrome Vulnerability: CVE-2023-4572 Use after free in MediaStream Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/30/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/28/2025 Description Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-4572 CVE - 2023-4572 https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_29.html

FreeBSD: VID-4061A4B2-4FB1-11EE-ACC7-0151F07BC899: gitea -- block user account creation from blocked email domains Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/30/2023 Created 09/13/2023 Added 09/11/2023 Modified 09/11/2023 Description The Gitea team reports: check blocklist for emails when adding them to account Solution(s) freebsd-upgrade-package-gitea

Oracle Linux: CVE-2023-39189: ELSA-2024-2394:kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:P) Published 08/30/2023 Created 05/21/2024 Added 05/14/2024 Modified 01/07/2025 Description A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-39189 CVE - 2023-39189 ELSA-2024-2394 ELSA-2024-3138

Debian: CVE-2023-41040: python-git -- security update Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:P) Published 08/30/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/30/2025 Description GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has been addressed in version 3.1.37. Solution(s) debian-upgrade-python-git References https://attackerkb.com/topics/cve-2023-41040 CVE - 2023-41040 DLA-3589-1

Debian: CVE-2023-40889: zbar -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/29/2023 Created 12/05/2023 Added 12/04/2023 Modified 01/28/2025 Description A heap-based buffer overflow exists in the qr_reader_match_centers function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be physically scanned by the vulnerable scanner. Solution(s) debian-upgrade-zbar References https://attackerkb.com/topics/cve-2023-40889 CVE - 2023-40889 DLA-3675-1

Debian: CVE-2023-4572: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/29/2023 Created 09/05/2023 Added 09/05/2023 Modified 01/28/2025 Description Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-4572 CVE - 2023-4572 DSA-5487-1

Debian: CVE-2023-38802: frr -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/29/2023 Created 09/13/2023 Added 09/12/2023 Modified 01/28/2025 Description FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation). Solution(s) debian-upgrade-frr References https://attackerkb.com/topics/cve-2023-38802 CVE - 2023-38802 DSA-5495 DSA-5495-1

Debian: CVE-2023-41360: frr -- security update Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:C) Published 08/29/2023 Created 09/21/2023 Added 09/21/2023 Modified 01/28/2025 Description An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation. Solution(s) debian-upgrade-frr References https://attackerkb.com/topics/cve-2023-41360 CVE - 2023-41360 DLA-3573-1

Debian: CVE-2023-41361: frr -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/29/2023 Created 09/21/2023 Added 09/21/2023 Modified 01/28/2025 Description An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version. Solution(s) debian-upgrade-frr References https://attackerkb.com/topics/cve-2023-41361 CVE - 2023-41361 DLA-3573-1

Debian: CVE-2023-40890: zbar -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/29/2023 Created 12/05/2023 Added 12/04/2023 Modified 01/28/2025 Description A stack-based buffer overflow vulnerability exists in the lookup_sequence function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be physically scanned by the vulnerable scanner. Solution(s) debian-upgrade-zbar References https://attackerkb.com/topics/cve-2023-40890 CVE - 2023-40890 DLA-3675-1

MFSA2023-34 Firefox: Security Vulnerabilities fixed in Firefox 117 (CVE-2023-4577) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/29/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/28/2025 Description When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Solution(s) mozilla-firefox-upgrade-117_0 References https://attackerkb.com/topics/cve-2023-4577 CVE - 2023-4577 http://www.mozilla.org/security/announce/2023/mfsa2023-34.html

MFSA2023-34 Firefox: Security Vulnerabilities fixed in Firefox 117 (CVE-2023-4582) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/29/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/28/2025 Description Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. *This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Solution(s) mozilla-firefox-upgrade-117_0 References https://attackerkb.com/topics/cve-2023-4582 CVE - 2023-4582 http://www.mozilla.org/security/announce/2023/mfsa2023-34.html

MFSA2023-34 Firefox: Security Vulnerabilities fixed in Firefox 117 (CVE-2023-4584) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/29/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/28/2025 Description Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. Solution(s) mozilla-firefox-upgrade-117_0 References https://attackerkb.com/topics/cve-2023-4584 CVE - 2023-4584 http://www.mozilla.org/security/announce/2023/mfsa2023-34.html

Oracle Linux: CVE-2023-4574: ELSA-2023-4945:thunderbird security update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 08/29/2023 Created 05/22/2024 Added 05/21/2024 Modified 12/06/2024 Description When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox &lt; 117, Firefox ESR &lt; 102.15, Firefox ESR &lt; 115.2, Thunderbird &lt; 102.15, and Thunderbird &lt; 115.2. The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. Solution(s) oracle-linux-upgrade-firefox oracle-linux-upgrade-firefox-x11 oracle-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-4574 CVE - 2023-4574 ELSA-2023-4945 ELSA-2023-5019 ELSA-2023-4958 ELSA-2023-4952 ELSA-2023-4954 ELSA-2023-4955 View more

VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure Disclosed 08/29/2023 Created 10/24/2023 Description VMWare Aria Operations for Networks (vRealize Network Insight) versions 6.0.0 through 6.10.0 do not randomize the SSH keys on virtual machine initialization. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "support" (root) user. Author(s) h00die SinSinology Harsh Jaiswal ( <Harsh Jaiswal (@rootxharsh)> Rahul Maini ( <Rahul Maini (@iamnoooob)> Platform Unix Architectures cmd Development Source Code History

MFSA2023-35 Firefox: Security Vulnerabilities fixed in Firefox ESR 102.15 (CVE-2023-4574) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/29/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/28/2025 Description When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. Solution(s) mozilla-firefox-esr-upgrade-102_15 References https://attackerkb.com/topics/cve-2023-4574 CVE - 2023-4574 http://www.mozilla.org/security/announce/2023/mfsa2023-35.html

MFSA2023-36 Firefox: Security Vulnerabilities fixed in Firefox ESR 115.2 (CVE-2023-4581) Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 08/29/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/30/2025 Description Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. Solution(s) mozilla-firefox-esr-upgrade-115_2 References https://attackerkb.com/topics/cve-2023-4581 CVE - 2023-4581 http://www.mozilla.org/security/announce/2023/mfsa2023-36.html

MFSA2023-34 Firefox: Security Vulnerabilities fixed in Firefox 117 (CVE-2023-4583) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 08/29/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/28/2025 Description When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Solution(s) mozilla-firefox-upgrade-117_0 References https://attackerkb.com/topics/cve-2023-4583 CVE - 2023-4583 http://www.mozilla.org/security/announce/2023/mfsa2023-34.html

MFSA2023-36 Firefox: Security Vulnerabilities fixed in Firefox ESR 115.2 (CVE-2023-4573) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/29/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/28/2025 Description When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. Solution(s) mozilla-firefox-esr-upgrade-115_2 References https://attackerkb.com/topics/cve-2023-4573 CVE - 2023-4573 http://www.mozilla.org/security/announce/2023/mfsa2023-36.html

MFSA2023-34 Firefox: Security Vulnerabilities fixed in Firefox 117 (CVE-2023-4581) Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 08/29/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/30/2025 Description Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. Solution(s) mozilla-firefox-upgrade-117_0 References https://attackerkb.com/topics/cve-2023-4581 CVE - 2023-4581 http://www.mozilla.org/security/announce/2023/mfsa2023-34.html

MFSA2023-34 Firefox: Security Vulnerabilities fixed in Firefox 117 (CVE-2023-4580) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 08/29/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/28/2025 Description Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Solution(s) mozilla-firefox-upgrade-117_0 References https://attackerkb.com/topics/cve-2023-4580 CVE - 2023-4580 http://www.mozilla.org/security/announce/2023/mfsa2023-34.html

MFSA2023-36 Firefox: Security Vulnerabilities fixed in Firefox ESR 115.2 (CVE-2023-4574) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/29/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/28/2025 Description When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. Solution(s) mozilla-firefox-esr-upgrade-115_2 References https://attackerkb.com/topics/cve-2023-4574 CVE - 2023-4574 http://www.mozilla.org/security/announce/2023/mfsa2023-36.html

MFSA2023-36 Firefox: Security Vulnerabilities fixed in Firefox ESR 115.2 (CVE-2023-4575) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/29/2023 Created 08/30/2023 Added 08/30/2023 Modified 01/28/2025 Description When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. Solution(s) mozilla-firefox-esr-upgrade-115_2 References https://attackerkb.com/topics/cve-2023-4575 CVE - 2023-4575 http://www.mozilla.org/security/announce/2023/mfsa2023-36.html