ISHACK AI BOT

OS X update for Find My (CVE-2020-19185) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Find My (CVE-2020-19190) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for curl (CVE-2020-19189) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Emoji (CVE-2020-19185) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for DiskArbitration (CVE-2020-19188) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AVEVideoEncoder (CVE-2020-19188) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Alpine Linux: CVE-2022-47673: Out-of-bounds Read Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/22/2023 Created 03/22/2024 Added 03/21/2024 Modified 03/22/2024 Description An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts. Solution(s) alpine-linux-upgrade-binutils References https://attackerkb.com/topics/cve-2022-47673 CVE - 2022-47673 https://security.alpinelinux.org/vuln/CVE-2022-47673

Ubuntu: (CVE-2022-47696): binutils vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/22/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols. Solution(s) ubuntu-pro-upgrade-binutils References https://attackerkb.com/topics/cve-2022-47696 CVE - 2022-47696 https://sourceware.org/bugzilla/show_bug.cgi?id=29677 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d12f8998d2d086f0a6606589e5aedb7147e6f2f1 https://www.cve.org/CVERecord?id=CVE-2022-47696

Ubuntu: (Multiple Advisories) (CVE-2022-48063): GNU binutils vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/28/2025 Description GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. Solution(s) ubuntu-pro-upgrade-binutils ubuntu-pro-upgrade-binutils-multiarch References https://attackerkb.com/topics/cve-2022-48063 CVE - 2022-48063 USN-6413-1 USN-6655-1

Ubuntu: (Multiple Advisories) (CVE-2022-48564): Python vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 11/25/2023 Added 11/24/2023 Modified 01/28/2025 Description read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. Solution(s) ubuntu-pro-upgrade-python2-7 ubuntu-pro-upgrade-python3-5 ubuntu-pro-upgrade-python3-5-minimal ubuntu-pro-upgrade-python3-6 ubuntu-pro-upgrade-python3-6-minimal ubuntu-pro-upgrade-python3-7 ubuntu-pro-upgrade-python3-7-minimal ubuntu-pro-upgrade-python3-8 ubuntu-pro-upgrade-python3-8-minimal References https://attackerkb.com/topics/cve-2022-48564 CVE - 2022-48564 USN-6513-1 USN-6513-2 USN-6891-1

OS X update for CoreServices (CVE-2020-19189) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Alpine Linux: CVE-2022-47069: Out-of-bounds Write Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/22/2023 Created 03/22/2024 Added 03/21/2024 Modified 03/22/2024 Description p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp. Solution(s) alpine-linux-upgrade-p7zip References https://attackerkb.com/topics/cve-2022-47069 CVE - 2022-47069 https://security.alpinelinux.org/vuln/CVE-2022-47069

Ubuntu: USN-6359-1 (CVE-2022-48554): file vulnerability Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 09/18/2023 Added 09/18/2023 Modified 01/30/2025 Description File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project. Solution(s) ubuntu-upgrade-file ubuntu-upgrade-libmagic1 References https://attackerkb.com/topics/cve-2022-48554 CVE - 2022-48554 DSA-5489 USN-6359-1

Ubuntu: (Multiple Advisories) (CVE-2022-48560): Python vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 09/22/2023 Added 09/22/2023 Modified 01/28/2025 Description A use-after-free exists in Python through 3.9 via heappushpop in heapq. Solution(s) ubuntu-pro-upgrade-python2-7 ubuntu-pro-upgrade-python3-5 ubuntu-pro-upgrade-python3-5-minimal ubuntu-pro-upgrade-python3-6 ubuntu-pro-upgrade-python3-6-minimal ubuntu-pro-upgrade-python3-7 ubuntu-pro-upgrade-python3-7-minimal ubuntu-pro-upgrade-python3-8 ubuntu-pro-upgrade-python3-8-minimal References https://attackerkb.com/topics/cve-2022-48560 CVE - 2022-48560 USN-6394-1 USN-6394-2 USN-6891-1 USN-7180-1

Ubuntu: (Multiple Advisories) (CVE-2022-48566): Python vulnerability Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 08/22/2023 Created 09/28/2023 Added 09/28/2023 Modified 01/28/2025 Description An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest. Solution(s) ubuntu-pro-upgrade-libpython2-7 ubuntu-pro-upgrade-libpython2-7-minimal ubuntu-pro-upgrade-libpython2-7-stdlib ubuntu-pro-upgrade-libpython3-5 ubuntu-pro-upgrade-libpython3-5-minimal ubuntu-pro-upgrade-libpython3-5-stdlib ubuntu-pro-upgrade-python2-7 ubuntu-pro-upgrade-python3-5 ubuntu-pro-upgrade-python3-5-minimal ubuntu-pro-upgrade-python3-6 ubuntu-pro-upgrade-python3-6-minimal ubuntu-pro-upgrade-python3-7 ubuntu-pro-upgrade-python3-7-minimal ubuntu-pro-upgrade-python3-8 ubuntu-pro-upgrade-python3-8-minimal References https://attackerkb.com/topics/cve-2022-48566 CVE - 2022-48566 USN-6400-1 USN-6891-1 USN-7180-1

Gentoo Linux: CVE-2021-32292: json-c: Buffer Overflow Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/22/2023 Created 08/08/2024 Added 08/08/2024 Modified 01/28/2025 Description An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit. Solution(s) gentoo-linux-upgrade-dev-libs-json-c References https://attackerkb.com/topics/cve-2021-32292 CVE - 2021-32292 202408-08

Alpine Linux: CVE-2022-44840: Out-of-bounds Write Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/22/2023 Created 03/22/2024 Added 03/21/2024 Modified 03/22/2024 Description Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. Solution(s) alpine-linux-upgrade-binutils References https://attackerkb.com/topics/cve-2022-44840 CVE - 2022-44840 https://security.alpinelinux.org/vuln/CVE-2022-44840

VMware Photon OS: CVE-2022-35205 Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-35205 CVE - 2022-35205

Amazon Linux AMI: CVE-2022-47022: Security patch for hwloc (ALAS-2023-1833) Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 08/22/2023 Created 09/28/2023 Added 09/26/2023 Modified 01/28/2025 Description An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c. Solution(s) amazon-linux-upgrade-hwloc References ALAS-2023-1833 CVE-2022-47022

VMware Photon OS: CVE-2022-48065 Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-48065 CVE - 2022-48065

Huawei EulerOS: CVE-2022-48063: binutils security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. Solution(s) huawei-euleros-2_0_sp10-upgrade-binutils References https://attackerkb.com/topics/cve-2022-48063 CVE - 2022-48063 EulerOS-SA-2023-3200

SUSE: CVE-2020-18652: SUSE Linux Security Advisory Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 08/16/2024 Added 08/09/2024 Modified 01/28/2025 Description Buffer Overflow vulnerability in WEBP_Support.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file. Solution(s) suse-upgrade-exempi-tools suse-upgrade-libexempi-devel suse-upgrade-libexempi3 suse-upgrade-libexempi3-32bit References https://attackerkb.com/topics/cve-2020-18652 CVE - 2020-18652

SUSE: CVE-2020-22218: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 08/16/2024 Added 08/09/2024 Modified 01/28/2025 Description An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory. Solution(s) suse-upgrade-libssh2-1 suse-upgrade-libssh2-1-32bit suse-upgrade-libssh2-devel References https://attackerkb.com/topics/cve-2020-22218 CVE - 2020-22218

VMware Photon OS: CVE-2022-47011 Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 08/22/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-47011 CVE - 2022-47011

VMware Photon OS: CVE-2022-47022 Severity 4 CVSS (AV:L/AC:H/Au:S/C:N/I:N/A:C) Published 08/22/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-47022 CVE - 2022-47022