ISHACK AI BOT

Ubuntu: USN-6822-1 (CVE-2023-32002): Node.js vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/21/2023 Created 07/02/2024 Added 07/01/2024 Modified 01/28/2025 Description The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. Solution(s) ubuntu-upgrade-libnode108 ubuntu-upgrade-libnode72 ubuntu-upgrade-nodejs References https://attackerkb.com/topics/cve-2023-32002 CVE - 2023-32002 USN-6822-1

Amazon Linux AMI: CVE-2022-46751: Security patch for apache-ivy (ALAS-2023-1863) Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:P) Published 08/21/2023 Created 10/27/2023 Added 10/25/2023 Modified 01/28/2025 Description Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy files or Apache Maven POMs - it will allow downloading external document type definitions and expand any entity references contained therein when used. This can be used to exfiltrate data, access resources only the machine running Ivy has access to or disturb the execution of Ivy in different ways. Starting with Ivy 2.5.2 DTD processing is disabled by default except when parsing Maven POMs where the default is to allow DTD processing but only to include a DTD snippet shipping with Ivy that is needed to deal with existing Maven POMs that are not valid XML files but are nevertheless accepted by Maven. Access can be be made more lenient via newly introduced system properties where needed. Users of Ivy prior to version 2.5.2 can use Java system properties to restrict processing of external DTDs, see the section about "JAXP Properties for External Access restrictions" inside Oracle's "Java API for XML Processing (JAXP) Security Guide". Solution(s) amazon-linux-upgrade-apache-ivy References ALAS-2023-1863 CVE-2022-46751

Debian: CVE-2023-37369: qtbase-opensource-src, qtbase-opensource-src-gles -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/20/2023 Created 08/24/2023 Added 08/24/2023 Modified 01/28/2025 Description In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. Solution(s) debian-upgrade-qtbase-opensource-src debian-upgrade-qtbase-opensource-src-gles References https://attackerkb.com/topics/cve-2023-37369 CVE - 2023-37369 DLA-3539-1

Alma Linux: CVE-2023-37369: Moderate: qt5-qtbase security update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/20/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. Solution(s) alma-upgrade-qt5 alma-upgrade-qt5-devel alma-upgrade-qt5-qtbase alma-upgrade-qt5-qtbase-common alma-upgrade-qt5-qtbase-devel alma-upgrade-qt5-qtbase-examples alma-upgrade-qt5-qtbase-gui alma-upgrade-qt5-qtbase-mysql alma-upgrade-qt5-qtbase-odbc alma-upgrade-qt5-qtbase-postgresql alma-upgrade-qt5-qtbase-private-devel alma-upgrade-qt5-qtbase-static alma-upgrade-qt5-rpm-macros alma-upgrade-qt5-srpm-macros References https://attackerkb.com/topics/cve-2023-37369 CVE - 2023-37369 https://errata.almalinux.org/8/ALSA-2023-6967.html https://errata.almalinux.org/9/ALSA-2023-6369.html

MediaWiki: Unspecified Security Vulnerability (CVE-2023-36674) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 08/20/2023 Created 08/28/2023 Added 08/28/2023 Modified 01/28/2025 Description An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax. Solution(s) mediawiki-upgrade-1_35_11 mediawiki-upgrade-1_38_7 mediawiki-upgrade-1_39_4 References https://attackerkb.com/topics/cve-2023-36674 CVE - 2023-36674 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O/ https://phabricator.wikimedia.org/T335612

Amazon Linux AMI 2: CVE-2023-37369: Security patch for qt5-qtbase (ALAS-2024-2533) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/20/2023 Created 05/01/2024 Added 05/01/2024 Modified 01/28/2025 Description In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. Solution(s) amazon-linux-ami-2-upgrade-qt5-qtbase amazon-linux-ami-2-upgrade-qt5-qtbase-common amazon-linux-ami-2-upgrade-qt5-qtbase-debuginfo amazon-linux-ami-2-upgrade-qt5-qtbase-devel amazon-linux-ami-2-upgrade-qt5-qtbase-doc amazon-linux-ami-2-upgrade-qt5-qtbase-examples amazon-linux-ami-2-upgrade-qt5-qtbase-gui amazon-linux-ami-2-upgrade-qt5-qtbase-mysql amazon-linux-ami-2-upgrade-qt5-qtbase-odbc amazon-linux-ami-2-upgrade-qt5-qtbase-postgresql amazon-linux-ami-2-upgrade-qt5-qtbase-static amazon-linux-ami-2-upgrade-qt5-rpm-macros References https://attackerkb.com/topics/cve-2023-37369 AL2/ALAS-2024-2533 CVE - 2023-37369

SUSE: CVE-2023-37369: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/20/2023 Created 12/02/2023 Added 12/01/2023 Modified 01/28/2025 Description In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. Solution(s) suse-upgrade-libqt4 suse-upgrade-libqt4-32bit suse-upgrade-libqt4-devel suse-upgrade-libqt4-devel-doc suse-upgrade-libqt4-devel-doc-data suse-upgrade-libqt4-linguist suse-upgrade-libqt4-private-headers-devel suse-upgrade-libqt4-qt3support suse-upgrade-libqt4-qt3support-32bit suse-upgrade-libqt4-sql suse-upgrade-libqt4-sql-32bit suse-upgrade-libqt4-sql-mysql suse-upgrade-libqt4-sql-mysql-32bit suse-upgrade-libqt4-sql-postgresql suse-upgrade-libqt4-sql-postgresql-32bit suse-upgrade-libqt4-sql-sqlite suse-upgrade-libqt4-sql-sqlite-32bit suse-upgrade-libqt4-sql-unixodbc suse-upgrade-libqt4-sql-unixodbc-32bit suse-upgrade-libqt4-x11 suse-upgrade-libqt4-x11-32bit suse-upgrade-libqt5-qtbase-common-devel suse-upgrade-libqt5-qtbase-devel suse-upgrade-libqt5-qtbase-examples suse-upgrade-libqt5-qtbase-examples-32bit suse-upgrade-libqt5-qtbase-platformtheme-gtk3 suse-upgrade-libqt5-qtbase-platformtheme-xdgdesktopportal suse-upgrade-libqt5-qtbase-private-headers-devel suse-upgrade-libqt5bootstrap-devel-static suse-upgrade-libqt5bootstrap-devel-static-32bit suse-upgrade-libqt5concurrent-devel suse-upgrade-libqt5concurrent-devel-32bit suse-upgrade-libqt5concurrent5 suse-upgrade-libqt5concurrent5-32bit suse-upgrade-libqt5core-devel suse-upgrade-libqt5core-devel-32bit suse-upgrade-libqt5core-private-headers-devel suse-upgrade-libqt5core5 suse-upgrade-libqt5core5-32bit suse-upgrade-libqt5dbus-devel suse-upgrade-libqt5dbus-devel-32bit suse-upgrade-libqt5dbus-private-headers-devel suse-upgrade-libqt5dbus5 suse-upgrade-libqt5dbus5-32bit suse-upgrade-libqt5gui-devel suse-upgrade-libqt5gui-devel-32bit suse-upgrade-libqt5gui-private-headers-devel suse-upgrade-libqt5gui5 suse-upgrade-libqt5gui5-32bit suse-upgrade-libqt5kmssupport-devel-static suse-upgrade-libqt5kmssupport-private-headers-devel suse-upgrade-libqt5network-devel suse-upgrade-libqt5network-devel-32bit suse-upgrade-libqt5network-private-headers-devel suse-upgrade-libqt5network5 suse-upgrade-libqt5network5-32bit suse-upgrade-libqt5opengl-devel suse-upgrade-libqt5opengl-devel-32bit suse-upgrade-libqt5opengl-private-headers-devel suse-upgrade-libqt5opengl5 suse-upgrade-libqt5opengl5-32bit suse-upgrade-libqt5openglextensions-devel-static suse-upgrade-libqt5openglextensions-devel-static-32bit suse-upgrade-libqt5platformheaders-devel suse-upgrade-libqt5platformsupport-devel-static suse-upgrade-libqt5platformsupport-devel-static-32bit suse-upgrade-libqt5platformsupport-private-headers-devel suse-upgrade-libqt5printsupport-devel suse-upgrade-libqt5printsupport-devel-32bit suse-upgrade-libqt5printsupport-private-headers-devel suse-upgrade-libqt5printsupport5 suse-upgrade-libqt5printsupport5-32bit suse-upgrade-libqt5sql-devel suse-upgrade-libqt5sql-devel-32bit suse-upgrade-libqt5sql-private-headers-devel suse-upgrade-libqt5sql5 suse-upgrade-libqt5sql5-32bit suse-upgrade-libqt5sql5-mysql suse-upgrade-libqt5sql5-mysql-32bit suse-upgrade-libqt5sql5-postgresql suse-upgrade-libqt5sql5-postgresql-32bit suse-upgrade-libqt5sql5-sqlite suse-upgrade-libqt5sql5-sqlite-32bit suse-upgrade-libqt5sql5-unixodbc suse-upgrade-libqt5sql5-unixodbc-32bit suse-upgrade-libqt5test-devel suse-upgrade-libqt5test-devel-32bit suse-upgrade-libqt5test-private-headers-devel suse-upgrade-libqt5test5 suse-upgrade-libqt5test5-32bit suse-upgrade-libqt5widgets-devel suse-upgrade-libqt5widgets-devel-32bit suse-upgrade-libqt5widgets-private-headers-devel suse-upgrade-libqt5widgets5 suse-upgrade-libqt5widgets5-32bit suse-upgrade-libqt5xml-devel suse-upgrade-libqt5xml-devel-32bit suse-upgrade-libqt5xml5 suse-upgrade-libqt5xml5-32bit suse-upgrade-qt4-x11-tools References https://attackerkb.com/topics/cve-2023-37369 CVE - 2023-37369

Huawei EulerOS: CVE-2023-37369: qt5-qtbase security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/20/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. Solution(s) huawei-euleros-2_0_sp8-upgrade-qt5-qtbase huawei-euleros-2_0_sp8-upgrade-qt5-qtbase-common huawei-euleros-2_0_sp8-upgrade-qt5-qtbase-gui References https://attackerkb.com/topics/cve-2023-37369 CVE - 2023-37369 EulerOS-SA-2023-3155

CentOS Linux: CVE-2023-37369: Moderate: qt5 security and bug fix update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/20/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. Solution(s) centos-upgrade-adwaita-qt-debuginfo centos-upgrade-adwaita-qt-debugsource centos-upgrade-adwaita-qt5 centos-upgrade-adwaita-qt5-debuginfo centos-upgrade-libadwaita-qt5 centos-upgrade-libadwaita-qt5-debuginfo centos-upgrade-python-pyqt5-sip-debugsource centos-upgrade-python-qt5-debuginfo centos-upgrade-python-qt5-debugsource centos-upgrade-python-qt5-rpm-macros centos-upgrade-python3-pyqt5-sip centos-upgrade-python3-pyqt5-sip-debuginfo centos-upgrade-python3-qt5 centos-upgrade-python3-qt5-base centos-upgrade-python3-qt5-base-debuginfo centos-upgrade-python3-qt5-debuginfo centos-upgrade-qgnomeplatform centos-upgrade-qgnomeplatform-debuginfo centos-upgrade-qgnomeplatform-debugsource centos-upgrade-qt5 centos-upgrade-qt5-assistant centos-upgrade-qt5-assistant-debuginfo centos-upgrade-qt5-designer centos-upgrade-qt5-designer-debuginfo centos-upgrade-qt5-doctools centos-upgrade-qt5-doctools-debuginfo centos-upgrade-qt5-linguist centos-upgrade-qt5-linguist-debuginfo centos-upgrade-qt5-qdbusviewer centos-upgrade-qt5-qdbusviewer-debuginfo centos-upgrade-qt5-qt3d centos-upgrade-qt5-qt3d-debuginfo centos-upgrade-qt5-qt3d-debugsource centos-upgrade-qt5-qt3d-devel centos-upgrade-qt5-qt3d-devel-debuginfo centos-upgrade-qt5-qt3d-doc centos-upgrade-qt5-qt3d-examples centos-upgrade-qt5-qt3d-examples-debuginfo centos-upgrade-qt5-qt3d-tests-debuginfo centos-upgrade-qt5-qtbase centos-upgrade-qt5-qtbase-common centos-upgrade-qt5-qtbase-debuginfo centos-upgrade-qt5-qtbase-debugsource centos-upgrade-qt5-qtbase-devel centos-upgrade-qt5-qtbase-devel-debuginfo centos-upgrade-qt5-qtbase-doc centos-upgrade-qt5-qtbase-examples centos-upgrade-qt5-qtbase-examples-debuginfo centos-upgrade-qt5-qtbase-gui centos-upgrade-qt5-qtbase-gui-debuginfo centos-upgrade-qt5-qtbase-mysql centos-upgrade-qt5-qtbase-mysql-debuginfo centos-upgrade-qt5-qtbase-odbc centos-upgrade-qt5-qtbase-odbc-debuginfo centos-upgrade-qt5-qtbase-postgresql centos-upgrade-qt5-qtbase-postgresql-debuginfo centos-upgrade-qt5-qtbase-private-devel centos-upgrade-qt5-qtbase-tests-debuginfo centos-upgrade-qt5-qtconnectivity centos-upgrade-qt5-qtconnectivity-debuginfo centos-upgrade-qt5-qtconnectivity-debugsource centos-upgrade-qt5-qtconnectivity-devel centos-upgrade-qt5-qtconnectivity-doc centos-upgrade-qt5-qtconnectivity-examples centos-upgrade-qt5-qtconnectivity-examples-debuginfo centos-upgrade-qt5-qtconnectivity-tests-debuginfo centos-upgrade-qt5-qtdeclarative centos-upgrade-qt5-qtdeclarative-debuginfo centos-upgrade-qt5-qtdeclarative-debugsource centos-upgrade-qt5-qtdeclarative-devel centos-upgrade-qt5-qtdeclarative-devel-debuginfo centos-upgrade-qt5-qtdeclarative-doc centos-upgrade-qt5-qtdeclarative-examples centos-upgrade-qt5-qtdeclarative-examples-debuginfo centos-upgrade-qt5-qtdeclarative-tests-debuginfo centos-upgrade-qt5-qtdoc centos-upgrade-qt5-qtgraphicaleffects centos-upgrade-qt5-qtgraphicaleffects-debuginfo centos-upgrade-qt5-qtgraphicaleffects-debugsource centos-upgrade-qt5-qtgraphicaleffects-doc centos-upgrade-qt5-qtgraphicaleffects-tests-debuginfo centos-upgrade-qt5-qtimageformats centos-upgrade-qt5-qtimageformats-debuginfo centos-upgrade-qt5-qtimageformats-debugsource centos-upgrade-qt5-qtimageformats-doc centos-upgrade-qt5-qtimageformats-tests-debuginfo centos-upgrade-qt5-qtlocation centos-upgrade-qt5-qtlocation-debuginfo centos-upgrade-qt5-qtlocation-debugsource centos-upgrade-qt5-qtlocation-devel centos-upgrade-qt5-qtlocation-doc centos-upgrade-qt5-qtlocation-examples centos-upgrade-qt5-qtlocation-examples-debuginfo centos-upgrade-qt5-qtlocation-tests-debuginfo centos-upgrade-qt5-qtmultimedia centos-upgrade-qt5-qtmultimedia-debuginfo centos-upgrade-qt5-qtmultimedia-debugsource centos-upgrade-qt5-qtmultimedia-devel centos-upgrade-qt5-qtmultimedia-doc centos-upgrade-qt5-qtmultimedia-examples centos-upgrade-qt5-qtmultimedia-examples-debuginfo centos-upgrade-qt5-qtmultimedia-tests-debuginfo centos-upgrade-qt5-qtquickcontrols centos-upgrade-qt5-qtquickcontrols-debuginfo centos-upgrade-qt5-qtquickcontrols-debugsource centos-upgrade-qt5-qtquickcontrols-doc centos-upgrade-qt5-qtquickcontrols-examples centos-upgrade-qt5-qtquickcontrols-examples-debuginfo centos-upgrade-qt5-qtquickcontrols-tests-debuginfo centos-upgrade-qt5-qtquickcontrols2 centos-upgrade-qt5-qtquickcontrols2-debuginfo centos-upgrade-qt5-qtquickcontrols2-debugsource centos-upgrade-qt5-qtquickcontrols2-devel centos-upgrade-qt5-qtquickcontrols2-doc centos-upgrade-qt5-qtquickcontrols2-examples centos-upgrade-qt5-qtquickcontrols2-examples-debuginfo centos-upgrade-qt5-qtquickcontrols2-tests-debuginfo centos-upgrade-qt5-qtscript centos-upgrade-qt5-qtscript-debuginfo centos-upgrade-qt5-qtscript-debugsource centos-upgrade-qt5-qtscript-devel centos-upgrade-qt5-qtscript-doc centos-upgrade-qt5-qtscript-examples centos-upgrade-qt5-qtscript-examples-debuginfo centos-upgrade-qt5-qtscript-tests-debuginfo centos-upgrade-qt5-qtsensors centos-upgrade-qt5-qtsensors-debuginfo centos-upgrade-qt5-qtsensors-debugsource centos-upgrade-qt5-qtsensors-devel centos-upgrade-qt5-qtsensors-doc centos-upgrade-qt5-qtsensors-examples centos-upgrade-qt5-qtsensors-examples-debuginfo centos-upgrade-qt5-qtsensors-tests-debuginfo centos-upgrade-qt5-qtserialbus centos-upgrade-qt5-qtserialbus-debuginfo centos-upgrade-qt5-qtserialbus-debugsource centos-upgrade-qt5-qtserialbus-devel centos-upgrade-qt5-qtserialbus-doc centos-upgrade-qt5-qtserialbus-examples centos-upgrade-qt5-qtserialbus-examples-debuginfo centos-upgrade-qt5-qtserialbus-tests-debuginfo centos-upgrade-qt5-qtserialport centos-upgrade-qt5-qtserialport-debuginfo centos-upgrade-qt5-qtserialport-debugsource centos-upgrade-qt5-qtserialport-devel centos-upgrade-qt5-qtserialport-doc centos-upgrade-qt5-qtserialport-examples centos-upgrade-qt5-qtserialport-examples-debuginfo centos-upgrade-qt5-qtserialport-tests-debuginfo centos-upgrade-qt5-qtsvg centos-upgrade-qt5-qtsvg-debuginfo centos-upgrade-qt5-qtsvg-debugsource centos-upgrade-qt5-qtsvg-devel centos-upgrade-qt5-qtsvg-doc centos-upgrade-qt5-qtsvg-examples centos-upgrade-qt5-qtsvg-examples-debuginfo centos-upgrade-qt5-qtsvg-tests-debuginfo centos-upgrade-qt5-qttools centos-upgrade-qt5-qttools-common centos-upgrade-qt5-qttools-debuginfo centos-upgrade-qt5-qttools-debugsource centos-upgrade-qt5-qttools-devel centos-upgrade-qt5-qttools-devel-debuginfo centos-upgrade-qt5-qttools-doc centos-upgrade-qt5-qttools-examples centos-upgrade-qt5-qttools-examples-debuginfo centos-upgrade-qt5-qttools-libs-designer centos-upgrade-qt5-qttools-libs-designer-debuginfo centos-upgrade-qt5-qttools-libs-designercomponents centos-upgrade-qt5-qttools-libs-designercomponents-debuginfo centos-upgrade-qt5-qttools-libs-help centos-upgrade-qt5-qttools-libs-help-debuginfo centos-upgrade-qt5-qttools-tests-debuginfo centos-upgrade-qt5-qttranslations centos-upgrade-qt5-qtwayland centos-upgrade-qt5-qtwayland-debuginfo centos-upgrade-qt5-qtwayland-debugsource centos-upgrade-qt5-qtwayland-devel centos-upgrade-qt5-qtwayland-devel-debuginfo centos-upgrade-qt5-qtwayland-doc centos-upgrade-qt5-qtwayland-examples centos-upgrade-qt5-qtwayland-examples-debuginfo centos-upgrade-qt5-qtwayland-tests-debuginfo centos-upgrade-qt5-qtwebchannel centos-upgrade-qt5-qtwebchannel-debuginfo centos-upgrade-qt5-qtwebchannel-debugsource centos-upgrade-qt5-qtwebchannel-devel centos-upgrade-qt5-qtwebchannel-doc centos-upgrade-qt5-qtwebchannel-examples centos-upgrade-qt5-qtwebchannel-examples-debuginfo centos-upgrade-qt5-qtwebchannel-tests-debuginfo centos-upgrade-qt5-qtwebsockets centos-upgrade-qt5-qtwebsockets-debuginfo centos-upgrade-qt5-qtwebsockets-debugsource centos-upgrade-qt5-qtwebsockets-devel centos-upgrade-qt5-qtwebsockets-doc centos-upgrade-qt5-qtwebsockets-examples centos-upgrade-qt5-qtwebsockets-examples-debuginfo centos-upgrade-qt5-qtwebsockets-tests-debuginfo centos-upgrade-qt5-qtx11extras centos-upgrade-qt5-qtx11extras-debuginfo centos-upgrade-qt5-qtx11extras-debugsource centos-upgrade-qt5-qtx11extras-devel centos-upgrade-qt5-qtx11extras-doc centos-upgrade-qt5-qtx11extras-tests-debuginfo centos-upgrade-qt5-qtxmlpatterns centos-upgrade-qt5-qtxmlpatterns-debuginfo centos-upgrade-qt5-qtxmlpatterns-debugsource centos-upgrade-qt5-qtxmlpatterns-devel centos-upgrade-qt5-qtxmlpatterns-devel-debuginfo centos-upgrade-qt5-qtxmlpatterns-doc centos-upgrade-qt5-qtxmlpatterns-examples centos-upgrade-qt5-qtxmlpatterns-examples-debuginfo centos-upgrade-qt5-qtxmlpatterns-tests-debuginfo centos-upgrade-qt5-rpm-macros centos-upgrade-qt5-srpm-macros References CVE-2023-37369

Red Hat: CVE-2023-37369: qtbase: buffer overflow in QXmlStreamReader (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/20/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. Solution(s) redhat-upgrade-adwaita-qt-debuginfo redhat-upgrade-adwaita-qt-debugsource redhat-upgrade-adwaita-qt5 redhat-upgrade-adwaita-qt5-debuginfo redhat-upgrade-libadwaita-qt5 redhat-upgrade-libadwaita-qt5-debuginfo redhat-upgrade-python-pyqt5-sip-debugsource redhat-upgrade-python-qt5-debuginfo redhat-upgrade-python-qt5-debugsource redhat-upgrade-python-qt5-rpm-macros redhat-upgrade-python3-pyqt5-sip redhat-upgrade-python3-pyqt5-sip-debuginfo redhat-upgrade-python3-qt5 redhat-upgrade-python3-qt5-base redhat-upgrade-python3-qt5-base-debuginfo redhat-upgrade-python3-qt5-debuginfo redhat-upgrade-python3-qt5-devel redhat-upgrade-qgnomeplatform redhat-upgrade-qgnomeplatform-debuginfo redhat-upgrade-qgnomeplatform-debugsource redhat-upgrade-qt5 redhat-upgrade-qt5-assistant redhat-upgrade-qt5-assistant-debuginfo redhat-upgrade-qt5-designer redhat-upgrade-qt5-designer-debuginfo redhat-upgrade-qt5-devel redhat-upgrade-qt5-doctools redhat-upgrade-qt5-doctools-debuginfo redhat-upgrade-qt5-linguist redhat-upgrade-qt5-linguist-debuginfo redhat-upgrade-qt5-qdbusviewer redhat-upgrade-qt5-qdbusviewer-debuginfo redhat-upgrade-qt5-qt3d redhat-upgrade-qt5-qt3d-debuginfo redhat-upgrade-qt5-qt3d-debugsource redhat-upgrade-qt5-qt3d-devel redhat-upgrade-qt5-qt3d-devel-debuginfo redhat-upgrade-qt5-qt3d-doc redhat-upgrade-qt5-qt3d-examples redhat-upgrade-qt5-qt3d-examples-debuginfo redhat-upgrade-qt5-qt3d-tests-debuginfo redhat-upgrade-qt5-qtbase redhat-upgrade-qt5-qtbase-common redhat-upgrade-qt5-qtbase-debuginfo redhat-upgrade-qt5-qtbase-debugsource redhat-upgrade-qt5-qtbase-devel redhat-upgrade-qt5-qtbase-devel-debuginfo redhat-upgrade-qt5-qtbase-doc redhat-upgrade-qt5-qtbase-examples redhat-upgrade-qt5-qtbase-examples-debuginfo redhat-upgrade-qt5-qtbase-gui redhat-upgrade-qt5-qtbase-gui-debuginfo redhat-upgrade-qt5-qtbase-mysql redhat-upgrade-qt5-qtbase-mysql-debuginfo redhat-upgrade-qt5-qtbase-odbc redhat-upgrade-qt5-qtbase-odbc-debuginfo redhat-upgrade-qt5-qtbase-postgresql redhat-upgrade-qt5-qtbase-postgresql-debuginfo redhat-upgrade-qt5-qtbase-private-devel redhat-upgrade-qt5-qtbase-static redhat-upgrade-qt5-qtbase-tests-debuginfo redhat-upgrade-qt5-qtconnectivity redhat-upgrade-qt5-qtconnectivity-debuginfo redhat-upgrade-qt5-qtconnectivity-debugsource redhat-upgrade-qt5-qtconnectivity-devel redhat-upgrade-qt5-qtconnectivity-doc redhat-upgrade-qt5-qtconnectivity-examples redhat-upgrade-qt5-qtconnectivity-examples-debuginfo redhat-upgrade-qt5-qtconnectivity-tests-debuginfo redhat-upgrade-qt5-qtdeclarative redhat-upgrade-qt5-qtdeclarative-debuginfo redhat-upgrade-qt5-qtdeclarative-debugsource redhat-upgrade-qt5-qtdeclarative-devel redhat-upgrade-qt5-qtdeclarative-devel-debuginfo redhat-upgrade-qt5-qtdeclarative-doc redhat-upgrade-qt5-qtdeclarative-examples redhat-upgrade-qt5-qtdeclarative-examples-debuginfo redhat-upgrade-qt5-qtdeclarative-static redhat-upgrade-qt5-qtdeclarative-tests-debuginfo redhat-upgrade-qt5-qtdoc redhat-upgrade-qt5-qtgraphicaleffects redhat-upgrade-qt5-qtgraphicaleffects-debuginfo redhat-upgrade-qt5-qtgraphicaleffects-debugsource redhat-upgrade-qt5-qtgraphicaleffects-doc redhat-upgrade-qt5-qtgraphicaleffects-tests-debuginfo redhat-upgrade-qt5-qtimageformats redhat-upgrade-qt5-qtimageformats-debuginfo redhat-upgrade-qt5-qtimageformats-debugsource redhat-upgrade-qt5-qtimageformats-doc redhat-upgrade-qt5-qtimageformats-tests-debuginfo redhat-upgrade-qt5-qtlocation redhat-upgrade-qt5-qtlocation-debuginfo redhat-upgrade-qt5-qtlocation-debugsource redhat-upgrade-qt5-qtlocation-devel redhat-upgrade-qt5-qtlocation-doc redhat-upgrade-qt5-qtlocation-examples redhat-upgrade-qt5-qtlocation-examples-debuginfo redhat-upgrade-qt5-qtlocation-tests-debuginfo redhat-upgrade-qt5-qtmultimedia redhat-upgrade-qt5-qtmultimedia-debuginfo redhat-upgrade-qt5-qtmultimedia-debugsource redhat-upgrade-qt5-qtmultimedia-devel redhat-upgrade-qt5-qtmultimedia-doc redhat-upgrade-qt5-qtmultimedia-examples redhat-upgrade-qt5-qtmultimedia-examples-debuginfo redhat-upgrade-qt5-qtmultimedia-tests-debuginfo redhat-upgrade-qt5-qtquickcontrols redhat-upgrade-qt5-qtquickcontrols-debuginfo redhat-upgrade-qt5-qtquickcontrols-debugsource redhat-upgrade-qt5-qtquickcontrols-doc redhat-upgrade-qt5-qtquickcontrols-examples redhat-upgrade-qt5-qtquickcontrols-examples-debuginfo redhat-upgrade-qt5-qtquickcontrols-tests-debuginfo redhat-upgrade-qt5-qtquickcontrols2 redhat-upgrade-qt5-qtquickcontrols2-debuginfo redhat-upgrade-qt5-qtquickcontrols2-debugsource redhat-upgrade-qt5-qtquickcontrols2-devel redhat-upgrade-qt5-qtquickcontrols2-doc redhat-upgrade-qt5-qtquickcontrols2-examples redhat-upgrade-qt5-qtquickcontrols2-examples-debuginfo redhat-upgrade-qt5-qtquickcontrols2-tests-debuginfo redhat-upgrade-qt5-qtscript redhat-upgrade-qt5-qtscript-debuginfo redhat-upgrade-qt5-qtscript-debugsource redhat-upgrade-qt5-qtscript-devel redhat-upgrade-qt5-qtscript-doc redhat-upgrade-qt5-qtscript-examples redhat-upgrade-qt5-qtscript-examples-debuginfo redhat-upgrade-qt5-qtscript-tests-debuginfo redhat-upgrade-qt5-qtsensors redhat-upgrade-qt5-qtsensors-debuginfo redhat-upgrade-qt5-qtsensors-debugsource redhat-upgrade-qt5-qtsensors-devel redhat-upgrade-qt5-qtsensors-doc redhat-upgrade-qt5-qtsensors-examples redhat-upgrade-qt5-qtsensors-examples-debuginfo redhat-upgrade-qt5-qtsensors-tests-debuginfo redhat-upgrade-qt5-qtserialbus redhat-upgrade-qt5-qtserialbus-debuginfo redhat-upgrade-qt5-qtserialbus-debugsource redhat-upgrade-qt5-qtserialbus-devel redhat-upgrade-qt5-qtserialbus-doc redhat-upgrade-qt5-qtserialbus-examples redhat-upgrade-qt5-qtserialbus-examples-debuginfo redhat-upgrade-qt5-qtserialbus-tests-debuginfo redhat-upgrade-qt5-qtserialport redhat-upgrade-qt5-qtserialport-debuginfo redhat-upgrade-qt5-qtserialport-debugsource redhat-upgrade-qt5-qtserialport-devel redhat-upgrade-qt5-qtserialport-doc redhat-upgrade-qt5-qtserialport-examples redhat-upgrade-qt5-qtserialport-examples-debuginfo redhat-upgrade-qt5-qtserialport-tests-debuginfo redhat-upgrade-qt5-qtsvg redhat-upgrade-qt5-qtsvg-debuginfo redhat-upgrade-qt5-qtsvg-debugsource redhat-upgrade-qt5-qtsvg-devel redhat-upgrade-qt5-qtsvg-doc redhat-upgrade-qt5-qtsvg-examples redhat-upgrade-qt5-qtsvg-examples-debuginfo redhat-upgrade-qt5-qtsvg-tests-debuginfo redhat-upgrade-qt5-qttools redhat-upgrade-qt5-qttools-common redhat-upgrade-qt5-qttools-debuginfo redhat-upgrade-qt5-qttools-debugsource redhat-upgrade-qt5-qttools-devel redhat-upgrade-qt5-qttools-devel-debuginfo redhat-upgrade-qt5-qttools-doc redhat-upgrade-qt5-qttools-examples redhat-upgrade-qt5-qttools-examples-debuginfo redhat-upgrade-qt5-qttools-libs-designer redhat-upgrade-qt5-qttools-libs-designer-debuginfo redhat-upgrade-qt5-qttools-libs-designercomponents redhat-upgrade-qt5-qttools-libs-designercomponents-debuginfo redhat-upgrade-qt5-qttools-libs-help redhat-upgrade-qt5-qttools-libs-help-debuginfo redhat-upgrade-qt5-qttools-static redhat-upgrade-qt5-qttools-tests-debuginfo redhat-upgrade-qt5-qttranslations redhat-upgrade-qt5-qtwayland redhat-upgrade-qt5-qtwayland-debuginfo redhat-upgrade-qt5-qtwayland-debugsource redhat-upgrade-qt5-qtwayland-devel redhat-upgrade-qt5-qtwayland-devel-debuginfo redhat-upgrade-qt5-qtwayland-doc redhat-upgrade-qt5-qtwayland-examples redhat-upgrade-qt5-qtwayland-examples-debuginfo redhat-upgrade-qt5-qtwayland-tests-debuginfo redhat-upgrade-qt5-qtwebchannel redhat-upgrade-qt5-qtwebchannel-debuginfo redhat-upgrade-qt5-qtwebchannel-debugsource redhat-upgrade-qt5-qtwebchannel-devel redhat-upgrade-qt5-qtwebchannel-doc redhat-upgrade-qt5-qtwebchannel-examples redhat-upgrade-qt5-qtwebchannel-examples-debuginfo redhat-upgrade-qt5-qtwebchannel-tests-debuginfo redhat-upgrade-qt5-qtwebsockets redhat-upgrade-qt5-qtwebsockets-debuginfo redhat-upgrade-qt5-qtwebsockets-debugsource redhat-upgrade-qt5-qtwebsockets-devel redhat-upgrade-qt5-qtwebsockets-doc redhat-upgrade-qt5-qtwebsockets-examples redhat-upgrade-qt5-qtwebsockets-examples-debuginfo redhat-upgrade-qt5-qtwebsockets-tests-debuginfo redhat-upgrade-qt5-qtx11extras redhat-upgrade-qt5-qtx11extras-debuginfo redhat-upgrade-qt5-qtx11extras-debugsource redhat-upgrade-qt5-qtx11extras-devel redhat-upgrade-qt5-qtx11extras-doc redhat-upgrade-qt5-qtx11extras-tests-debuginfo redhat-upgrade-qt5-qtxmlpatterns redhat-upgrade-qt5-qtxmlpatterns-debuginfo redhat-upgrade-qt5-qtxmlpatterns-debugsource redhat-upgrade-qt5-qtxmlpatterns-devel redhat-upgrade-qt5-qtxmlpatterns-devel-debuginfo redhat-upgrade-qt5-qtxmlpatterns-doc redhat-upgrade-qt5-qtxmlpatterns-examples redhat-upgrade-qt5-qtxmlpatterns-examples-debuginfo redhat-upgrade-qt5-qtxmlpatterns-tests-debuginfo redhat-upgrade-qt5-rpm-macros redhat-upgrade-qt5-srpm-macros References CVE-2023-37369 RHSA-2023:6369 RHSA-2023:6967

Gentoo Linux: CVE-2023-37369: Qt: Buffer Overflow Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/20/2023 Created 01/25/2025 Added 01/24/2025 Modified 01/28/2025 Description In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. Solution(s) gentoo-linux-upgrade-dev-qt-qtbase gentoo-linux-upgrade-dev-qt-qtcore References https://attackerkb.com/topics/cve-2023-37369 CVE - 2023-37369 202501-08

Microsoft Edge Chromium: CVE-2023-38158 Severity 3 CVSS (AV:N/AC:H/Au:N/C:P/I:N/A:N) Published 08/18/2023 Created 08/18/2023 Added 08/18/2023 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-38158 CVE - 2023-38158 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38158

Microsoft Edge Chromium: CVE-2023-36787 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/18/2023 Created 08/18/2023 Added 08/18/2023 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-36787 CVE - 2023-36787 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36787

Debian: CVE-2023-20212: clamav -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/18/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error in the memory management of an affected device. An attacker could exploit this vulnerability by submitting a crafted AutoIt file to be scanned by ClamAV on the affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to restart unexpectedly, resulting in a DoS condition. Solution(s) debian-upgrade-clamav References https://attackerkb.com/topics/cve-2023-20212 CVE - 2023-20212

Ubuntu: (Multiple Advisories) (CVE-2023-40175): Puma vulnerability Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/18/2023 Created 09/28/2023 Added 09/28/2023 Modified 01/28/2025 Description Puma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling. Severity of this issue is highly dependent on the nature of the web site using puma is. This could be caused by either incorrect parsing of trailing fields in chunked transfer encoding bodies or by parsing of blank/zero-length Content-Length headers. Both issues have been addressed and this vulnerability has been fixed in versions 6.3.1 and 5.6.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) ubuntu-pro-upgrade-puma References https://attackerkb.com/topics/cve-2023-40175 CVE - 2023-40175 USN-6399-1 USN-6682-1

SUSE: CVE-2023-40175: SUSE Linux Security Advisory Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/18/2023 Created 10/05/2023 Added 10/05/2023 Modified 01/28/2025 Description Puma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling. Severity of this issue is highly dependent on the nature of the web site using puma is. This could be caused by either incorrect parsing of trailing fields in chunked transfer encoding bodies or by parsing of blank/zero-length Content-Length headers. Both issues have been addressed and this vulnerability has been fixed in versions 6.3.1 and 5.6.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) suse-upgrade-ruby2-5-rubygem-puma suse-upgrade-ruby2-5-rubygem-puma-doc References https://attackerkb.com/topics/cve-2023-40175 CVE - 2023-40175

Ubuntu: (CVE-2023-4394): linux vulnerability Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:C) Published 08/17/2023 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025 Description A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information Solution(s) ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-15 ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-5-15 ubuntu-upgrade-linux-azure-fde ubuntu-upgrade-linux-azure-fde-5-15 ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-5-15 ubuntu-upgrade-linux-gke ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-gkeop-5-15 ubuntu-upgrade-linux-hwe-5-15 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-intel-iotg ubuntu-upgrade-linux-intel-iotg-5-15 ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-lowlatency ubuntu-upgrade-linux-lowlatency-hwe-5-15 ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-15 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-realtime ubuntu-upgrade-linux-riscv-5-15 References https://attackerkb.com/topics/cve-2023-4394 CVE - 2023-4394 https://access.redhat.com/security/cve/CVE-2023-4394 https://patchwork.kernel.org/project/linux-btrfs/patch/[email protected]/ https://www.cve.org/CVERecord?id=CVE-2023-4394

Amazon Linux AMI: CVE-2020-21679: Security patch for GraphicsMagick (ALAS-2023-1806) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/17/2023 Created 02/22/2024 Added 02/19/2024 Modified 01/28/2025 Description Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format. Solution(s) amazon-linux-upgrade-graphicsmagick References ALAS-2023-1806 CVE-2020-21679

Junos OS PHPRC Environment Variable Manipulation RCE Disclosed 08/17/2023 Created 09/29/2023 Description This module exploits a PHP environment variable manipulation vulnerability affecting Juniper SRX firewalls and EX switches. The affected Juniper devices run FreeBSD and every FreeBSD process can access their stdin by opening /dev/fd/0. The exploit also makes use of two useful PHP features. The first being 'auto_prepend_file' which causes the provided file to be added using the 'require' function. The second PHP function is 'allow_url_include' which allows the use of URL-aware fopen wrappers. By enabling allow_url_include, the exploit can use any protocol wrapper with auto_prepend_file. The module then uses data:// to provide a file inline which includes the base64 encoded PHP payload. By default this exploit returns a session confined to a FreeBSD jail with limited functionality. There is a datastore option 'JAIL_BREAK', that when set to true, will steal the necessary tokens from a user authenticated to the J-Web application, in order to overwrite the root password hash. If there is no user authenticated to the J-Web application this exploit will try to create one. If unsuccesfull this method will not work. The module then authenticates with the new root password over SSH and then rewrites the original root password hash to /etc/master.passwd. There is an option to set allow ssh root login, if disabled. Author(s) Jacob Baines Ron Bowes jheysel-r7 Fabian Hafner Platform PHP,Unix Architectures php, cmd Development Source Code History

Amazon Linux AMI 2: CVE-2023-4394: Security patch for kernel (ALASKERNEL-5.15-2022-008) Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:C) Published 08/17/2023 Created 07/09/2024 Added 07/09/2024 Modified 01/28/2025 Description A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-69-37-134 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-4394 AL2/ALASKERNEL-5.15-2022-008 CVE - 2023-4394

Oracle Linux: CVE-2023-39198: ELSA-2024-2394:kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:M/C:C/I:C/A:C) Published 08/17/2023 Created 05/21/2024 Added 05/14/2024 Modified 01/07/2025 Description A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-39198 CVE - 2023-39198 ELSA-2024-2394 ELSA-2024-3138

Fortinet FortiOS: Out-of-bounds Write (CVE-2023-29182) Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/17/2023 Created 08/28/2023 Added 08/28/2023 Modified 01/28/2025 Description A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections. Solution(s) fortios-upgrade-7_0_4 References https://attackerkb.com/topics/cve-2023-29182 CVE - 2023-29182 https://fortiguard.com/psirt/FG-IR-23-149

Debian: CVE-2023-4394: linux -- security update Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:C) Published 08/17/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-4394 CVE - 2023-4394

Ubuntu: (Multiple Advisories) (CVE-2023-2163): Linux kernel vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/17/2023 Created 08/18/2023 Added 08/18/2023 Modified 01/28/2025 Description Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1025-gkeop ubuntu-upgrade-linux-image-5-15-0-1030-nvidia ubuntu-upgrade-linux-image-5-15-0-1030-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1035-ibm ubuntu-upgrade-linux-image-5-15-0-1035-raspi ubuntu-upgrade-linux-image-5-15-0-1037-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1039-gcp ubuntu-upgrade-linux-image-5-15-0-1039-gke ubuntu-upgrade-linux-image-5-15-0-1039-kvm ubuntu-upgrade-linux-image-5-15-0-1040-oracle ubuntu-upgrade-linux-image-5-15-0-1041-aws ubuntu-upgrade-linux-image-5-15-0-1042-aws ubuntu-upgrade-linux-image-5-15-0-1043-azure-fde ubuntu-upgrade-linux-image-5-15-0-1045-azure ubuntu-upgrade-linux-image-5-15-0-1045-azure-fde ubuntu-upgrade-linux-image-5-15-0-79-generic ubuntu-upgrade-linux-image-5-15-0-79-generic-64k ubuntu-upgrade-linux-image-5-15-0-79-generic-lpae ubuntu-upgrade-linux-image-5-15-0-79-lowlatency ubuntu-upgrade-linux-image-5-15-0-79-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1021-iot ubuntu-upgrade-linux-image-5-4-0-1029-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1056-ibm ubuntu-upgrade-linux-image-5-4-0-1070-bluefield ubuntu-upgrade-linux-image-5-4-0-1076-gkeop ubuntu-upgrade-linux-image-5-4-0-1093-raspi ubuntu-upgrade-linux-image-5-4-0-1098-kvm ubuntu-upgrade-linux-image-5-4-0-1108-oracle ubuntu-upgrade-linux-image-5-4-0-1109-aws ubuntu-upgrade-linux-image-5-4-0-1112-gcp ubuntu-upgrade-linux-image-5-4-0-1115-azure ubuntu-upgrade-linux-image-5-4-0-162-generic ubuntu-upgrade-linux-image-5-4-0-162-generic-lpae ubuntu-upgrade-linux-image-5-4-0-162-lowlatency ubuntu-upgrade-linux-image-6-0-0-1021-oem ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-raspi2-hwe-18-04 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-2163 CVE - 2023-2163 USN-6300-1 USN-6311-1 USN-6332-1 USN-6340-1 USN-6340-2 USN-6347-1 USN-6349-1 USN-6357-1 USN-6385-1 USN-6397-1 View more

Gentoo Linux: CVE-2023-39975: MIT krb5: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 08/16/2023 Created 05/06/2024 Added 05/06/2024 Modified 01/28/2025 Description kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another. Solution(s) gentoo-linux-upgrade-app-crypt-mit-krb5 References https://attackerkb.com/topics/cve-2023-39975 CVE - 2023-39975 202405-11