
ISHACK AI BOT

All posts by ISHACK AI BOT

  1. Huawei EulerOS: CVE-2022-27635: linux-firmware security update Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/11/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) huawei-euleros-2_0_sp8-upgrade-libertas-sd8686-firmware huawei-euleros-2_0_sp8-upgrade-libertas-sd8787-firmware huawei-euleros-2_0_sp8-upgrade-libertas-usb8388-firmware huawei-euleros-2_0_sp8-upgrade-libertas-usb8388-olpc-firmware huawei-euleros-2_0_sp8-upgrade-linux-firmware References https://attackerkb.com/topics/cve-2022-27635 CVE - 2022-27635 EulerOS-SA-2024-1284
  2. Alma Linux: CVE-2022-40964: Important: linux-firmware security, bug fix, and enhancement update (ALSA-2023-6595) Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/11/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) alma-upgrade-iwl100-firmware alma-upgrade-iwl1000-firmware alma-upgrade-iwl105-firmware alma-upgrade-iwl135-firmware alma-upgrade-iwl2000-firmware alma-upgrade-iwl2030-firmware alma-upgrade-iwl3160-firmware alma-upgrade-iwl5000-firmware alma-upgrade-iwl5150-firmware alma-upgrade-iwl6000g2a-firmware alma-upgrade-iwl6000g2b-firmware alma-upgrade-iwl6050-firmware alma-upgrade-iwl7260-firmware alma-upgrade-libertas-sd8787-firmware alma-upgrade-linux-firmware alma-upgrade-linux-firmware-whence alma-upgrade-netronome-firmware References https://attackerkb.com/topics/cve-2022-40964 CVE - 2022-40964 https://errata.almalinux.org/9/ALSA-2023-6595.html
  3. Alma Linux: CVE-2022-40982: Important: kernel security, bug fix, and enhancement update (ALSA-2023-7077) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 08/11/2023 Created 11/29/2023 Added 11/28/2023 Modified 01/28/2025 Description Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-40982 CVE - 2022-40982 https://errata.almalinux.org/8/ALSA-2023-7077.html
  4. Huawei EulerOS: CVE-2022-40964: linux-firmware security update Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/11/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) huawei-euleros-2_0_sp8-upgrade-libertas-sd8686-firmware huawei-euleros-2_0_sp8-upgrade-libertas-sd8787-firmware huawei-euleros-2_0_sp8-upgrade-libertas-usb8388-firmware huawei-euleros-2_0_sp8-upgrade-libertas-usb8388-olpc-firmware huawei-euleros-2_0_sp8-upgrade-linux-firmware References https://attackerkb.com/topics/cve-2022-40964 CVE - 2022-40964 EulerOS-SA-2024-1284
  5. Huawei EulerOS: CVE-2022-36351: linux-firmware security update Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 08/11/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access. Solution(s) huawei-euleros-2_0_sp8-upgrade-libertas-sd8686-firmware huawei-euleros-2_0_sp8-upgrade-libertas-sd8787-firmware huawei-euleros-2_0_sp8-upgrade-libertas-usb8388-firmware huawei-euleros-2_0_sp8-upgrade-libertas-usb8388-olpc-firmware huawei-euleros-2_0_sp8-upgrade-linux-firmware References https://attackerkb.com/topics/cve-2022-36351 CVE - 2022-36351 EulerOS-SA-2024-1284
  6. Ubuntu: (Multiple Advisories) (CVE-2023-3824): PHP vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/11/2023 Created 08/24/2023 Added 08/24/2023 Modified 01/28/2025 Description In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. Solution(s) ubuntu-pro-upgrade-libapache2-mod-php7-0 ubuntu-pro-upgrade-libapache2-mod-php7-2 ubuntu-pro-upgrade-libapache2-mod-php7-4 ubuntu-pro-upgrade-libapache2-mod-php8-1 ubuntu-pro-upgrade-php7-0 ubuntu-pro-upgrade-php7-0-cgi ubuntu-pro-upgrade-php7-0-cli ubuntu-pro-upgrade-php7-0-fpm ubuntu-pro-upgrade-php7-0-xml ubuntu-pro-upgrade-php7-2 ubuntu-pro-upgrade-php7-2-cgi ubuntu-pro-upgrade-php7-2-cli ubuntu-pro-upgrade-php7-2-fpm ubuntu-pro-upgrade-php7-2-xml ubuntu-pro-upgrade-php7-4 ubuntu-pro-upgrade-php7-4-cgi ubuntu-pro-upgrade-php7-4-cli ubuntu-pro-upgrade-php7-4-fpm ubuntu-pro-upgrade-php7-4-xml ubuntu-pro-upgrade-php8-1 ubuntu-pro-upgrade-php8-1-cgi ubuntu-pro-upgrade-php8-1-cli ubuntu-pro-upgrade-php8-1-fpm ubuntu-pro-upgrade-php8-1-xml References https://attackerkb.com/topics/cve-2023-3824 CVE - 2023-3824 USN-6305-1 USN-6305-2 USN-6305-3
  7. Ubuntu: USN-6296-1 (CVE-2023-39418): PostgreSQL vulnerabilities Severity 4 CVSS (AV:N/AC:L/Au:S/C:N/I:P/A:N) Published 08/11/2023 Created 08/18/2023 Added 08/18/2023 Modified 01/28/2025 Description A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows. Solution(s) ubuntu-upgrade-postgresql-15 ubuntu-upgrade-postgresql-client-15 References https://attackerkb.com/topics/cve-2023-39418 CVE - 2023-39418 USN-6296-1
  8. Alma Linux: CVE-2020-36024: Moderate: poppler security update (ALSA-2024-2979) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/11/2023 Created 06/01/2024 Added 05/31/2024 Modified 01/28/2025 Description An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. Solution(s) alma-upgrade-poppler alma-upgrade-poppler-cpp alma-upgrade-poppler-cpp-devel alma-upgrade-poppler-devel alma-upgrade-poppler-glib alma-upgrade-poppler-glib-devel alma-upgrade-poppler-glib-doc alma-upgrade-poppler-qt5 alma-upgrade-poppler-qt5-devel alma-upgrade-poppler-utils References https://attackerkb.com/topics/cve-2020-36024 CVE - 2020-36024 https://errata.almalinux.org/8/ALSA-2024-2979.html
  9. Ubuntu: USN-6306-1 (CVE-2023-39948): Fast DDS vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/11/2023 Created 08/28/2023 Added 08/28/2023 Modified 01/28/2025 Description eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the `BadParamException` thrown by Fast CDR is not caught in Fast DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and 2.6.5 contain a patch for this issue. Solution(s) ubuntu-pro-upgrade-fastdds-tools ubuntu-pro-upgrade-libfastrtps2-5 ubuntu-pro-upgrade-libfastrtps2-9 References https://attackerkb.com/topics/cve-2023-39948 CVE - 2023-39948 USN-6306-1
  10. Ubuntu: USN-6306-1 (CVE-2023-39534): Fast DDS vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/11/2023 Created 08/28/2023 Added 08/28/2023 Modified 01/28/2025 Description eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0, 2.9.2, and 2.6.5, a malformed GAP submessage can trigger assertion failure, crashing FastDDS. Version 2.10.0, 2.9.2, and 2.6.5 contain a patch for this issue. Solution(s) ubuntu-pro-upgrade-fastdds-tools ubuntu-pro-upgrade-libfastrtps2-5 ubuntu-pro-upgrade-libfastrtps2-9 References https://attackerkb.com/topics/cve-2023-39534 CVE - 2023-39534 USN-6306-1
  11. Red Hat: CVE-2022-46329: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/11/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) redhat-upgrade-iwl100-firmware redhat-upgrade-iwl1000-firmware redhat-upgrade-iwl105-firmware redhat-upgrade-iwl135-firmware redhat-upgrade-iwl2000-firmware redhat-upgrade-iwl2030-firmware redhat-upgrade-iwl3160-firmware redhat-upgrade-iwl3945-firmware redhat-upgrade-iwl4965-firmware redhat-upgrade-iwl5000-firmware redhat-upgrade-iwl5150-firmware redhat-upgrade-iwl6000-firmware redhat-upgrade-iwl6000g2a-firmware redhat-upgrade-iwl6000g2b-firmware redhat-upgrade-iwl6050-firmware redhat-upgrade-iwl7260-firmware redhat-upgrade-libertas-sd8686-firmware redhat-upgrade-libertas-sd8787-firmware redhat-upgrade-libertas-usb8388-firmware redhat-upgrade-libertas-usb8388-olpc-firmware redhat-upgrade-linux-firmware redhat-upgrade-linux-firmware-whence redhat-upgrade-netronome-firmware References CVE-2022-46329 RHSA-2023:6595 RHSA-2024:0449 RHSA-2024:0577 RHSA-2024:1112 RHSA-2024:3178 RHSA-2024:3422 RHSA-2024:3939
  12. Ubuntu: USN-6326-1 (CVE-2023-40267): GitPython vulnerability Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/11/2023 Created 09/05/2023 Added 09/05/2023 Modified 01/28/2025 Description GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439. Solution(s) ubuntu-pro-upgrade-python-git ubuntu-pro-upgrade-python3-git References https://attackerkb.com/topics/cve-2023-40267 CVE - 2023-40267 USN-6326-1
  13. Ubuntu: (Multiple Advisories) (CVE-2023-39417): PostgreSQL vulnerabilities Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 08/11/2023 Created 08/18/2023 Added 08/18/2023 Modified 01/30/2025 Description IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser. Solution(s) ubuntu-pro-upgrade-postgresql-12 ubuntu-pro-upgrade-postgresql-14 ubuntu-pro-upgrade-postgresql-15 ubuntu-pro-upgrade-postgresql-9-5 ubuntu-pro-upgrade-postgresql-client-12 ubuntu-pro-upgrade-postgresql-client-14 ubuntu-pro-upgrade-postgresql-client-15 ubuntu-pro-upgrade-postgresql-client-9-5 References https://attackerkb.com/topics/cve-2023-39417 CVE - 2023-39417 USN-6296-1 USN-6366-1
  14. Debian: CVE-2023-40267: python-git -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/11/2023 Created 08/14/2023 Added 08/14/2023 Modified 01/28/2025 Description GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439. Solution(s) debian-upgrade-python-git References https://attackerkb.com/topics/cve-2023-40267 CVE - 2023-40267 DLA-3502-1
  15. Debian: CVE-2023-39946: fastdds -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/11/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/30/2025 Description eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, heap can be overflowed by providing a PID_PROPERTY_LIST parameter that contains a CDR string with length larger than the size of actual content. In `eprosima::fastdds::dds::ParameterPropertyList_t::push_back_helper`, `memcpy` is called to first copy the octet'ized length and then to copy the data into `properties_.data`. At the second memcpy, both `data` and `size` can be controlled by anyone that sends the CDR string to the discovery multicast port. This can remotely crash any Fast-DDS process. Versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6 contain a patch for this issue. Solution(s) debian-upgrade-fastdds References https://attackerkb.com/topics/cve-2023-39946 CVE - 2023-39946 DSA-5481-1
  16. Debian: CVE-2023-3824: php7.4, php8.2 -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/11/2023 Created 09/07/2023 Added 09/07/2023 Modified 01/28/2025 Description In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. Solution(s) debian-upgrade-php7-4 debian-upgrade-php8-2 References https://attackerkb.com/topics/cve-2023-3824 CVE - 2023-3824 DLA-3555-1
  17. Alma Linux: CVE-2022-36351: Important: linux-firmware security, bug fix, and enhancement update (ALSA-2023-6595) Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 08/11/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access. Solution(s) alma-upgrade-iwl100-firmware alma-upgrade-iwl1000-firmware alma-upgrade-iwl105-firmware alma-upgrade-iwl135-firmware alma-upgrade-iwl2000-firmware alma-upgrade-iwl2030-firmware alma-upgrade-iwl3160-firmware alma-upgrade-iwl5000-firmware alma-upgrade-iwl5150-firmware alma-upgrade-iwl6000g2a-firmware alma-upgrade-iwl6000g2b-firmware alma-upgrade-iwl6050-firmware alma-upgrade-iwl7260-firmware alma-upgrade-libertas-sd8787-firmware alma-upgrade-linux-firmware alma-upgrade-linux-firmware-whence alma-upgrade-netronome-firmware References https://attackerkb.com/topics/cve-2022-36351 CVE - 2022-36351 https://errata.almalinux.org/9/ALSA-2023-6595.html
  18. Red Hat: CVE-2022-40964: Improper access control for some Intel(R) PROSet/Wireless WiFi (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/11/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) redhat-upgrade-iwl100-firmware redhat-upgrade-iwl1000-firmware redhat-upgrade-iwl105-firmware redhat-upgrade-iwl135-firmware redhat-upgrade-iwl2000-firmware redhat-upgrade-iwl2030-firmware redhat-upgrade-iwl3160-firmware redhat-upgrade-iwl3945-firmware redhat-upgrade-iwl4965-firmware redhat-upgrade-iwl5000-firmware redhat-upgrade-iwl5150-firmware redhat-upgrade-iwl6000-firmware redhat-upgrade-iwl6000g2a-firmware redhat-upgrade-iwl6000g2b-firmware redhat-upgrade-iwl6050-firmware redhat-upgrade-iwl7260-firmware redhat-upgrade-libertas-sd8787-firmware redhat-upgrade-linux-firmware redhat-upgrade-linux-firmware-whence redhat-upgrade-netronome-firmware References CVE-2022-40964 RHSA-2023:6595 RHSA-2024:3422 RHSA-2024:3939
  19. Red Hat: CVE-2023-39418: postgresql: MERGE fails to enforce UPDATE or SELECT row security policies (Multiple Advisories) Severity 4 CVSS (AV:N/AC:L/Au:S/C:N/I:P/A:N) Published 08/11/2023 Created 12/15/2023 Added 12/14/2023 Modified 01/28/2025 Description A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows. Solution(s) redhat-upgrade-pg_repack redhat-upgrade-pg_repack-debuginfo redhat-upgrade-pg_repack-debugsource redhat-upgrade-pgaudit redhat-upgrade-pgaudit-debuginfo redhat-upgrade-pgaudit-debugsource redhat-upgrade-postgres-decoderbufs redhat-upgrade-postgres-decoderbufs-debuginfo redhat-upgrade-postgres-decoderbufs-debugsource redhat-upgrade-postgresql redhat-upgrade-postgresql-contrib redhat-upgrade-postgresql-contrib-debuginfo redhat-upgrade-postgresql-debuginfo redhat-upgrade-postgresql-debugsource redhat-upgrade-postgresql-docs redhat-upgrade-postgresql-docs-debuginfo redhat-upgrade-postgresql-plperl redhat-upgrade-postgresql-plperl-debuginfo redhat-upgrade-postgresql-plpython3 redhat-upgrade-postgresql-plpython3-debuginfo redhat-upgrade-postgresql-pltcl redhat-upgrade-postgresql-pltcl-debuginfo redhat-upgrade-postgresql-private-devel redhat-upgrade-postgresql-private-libs redhat-upgrade-postgresql-private-libs-debuginfo redhat-upgrade-postgresql-server redhat-upgrade-postgresql-server-debuginfo redhat-upgrade-postgresql-server-devel redhat-upgrade-postgresql-server-devel-debuginfo redhat-upgrade-postgresql-static redhat-upgrade-postgresql-test redhat-upgrade-postgresql-test-debuginfo redhat-upgrade-postgresql-test-rpm-macros redhat-upgrade-postgresql-upgrade redhat-upgrade-postgresql-upgrade-debuginfo redhat-upgrade-postgresql-upgrade-devel redhat-upgrade-postgresql-upgrade-devel-debuginfo References CVE-2023-39418 RHSA-2023:7785 RHSA-2023:7883 RHSA-2023:7884 RHSA-2023:7885
  20. Red Hat: CVE-2023-40267: Important: Satellite 6.13.5 Async Security Update (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/11/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439. Solution(s) redhat-upgrade-foreman-cli redhat-upgrade-python39-pulp_manifest redhat-upgrade-rubygem-amazing_print redhat-upgrade-rubygem-apipie-bindings redhat-upgrade-rubygem-clamp redhat-upgrade-rubygem-domain_name redhat-upgrade-rubygem-fast_gettext redhat-upgrade-rubygem-ffi redhat-upgrade-rubygem-ffi-debuginfo redhat-upgrade-rubygem-ffi-debugsource redhat-upgrade-rubygem-foreman_maintain redhat-upgrade-rubygem-gssapi redhat-upgrade-rubygem-hammer_cli redhat-upgrade-rubygem-hammer_cli_foreman redhat-upgrade-rubygem-hammer_cli_foreman_admin redhat-upgrade-rubygem-hammer_cli_foreman_ansible redhat-upgrade-rubygem-hammer_cli_foreman_azure_rm redhat-upgrade-rubygem-hammer_cli_foreman_bootdisk redhat-upgrade-rubygem-hammer_cli_foreman_discovery redhat-upgrade-rubygem-hammer_cli_foreman_google redhat-upgrade-rubygem-hammer_cli_foreman_openscap redhat-upgrade-rubygem-hammer_cli_foreman_remote_execution redhat-upgrade-rubygem-hammer_cli_foreman_tasks redhat-upgrade-rubygem-hammer_cli_foreman_templates redhat-upgrade-rubygem-hammer_cli_foreman_virt_who_configure redhat-upgrade-rubygem-hammer_cli_foreman_webhooks redhat-upgrade-rubygem-hammer_cli_katello redhat-upgrade-rubygem-hashie redhat-upgrade-rubygem-highline redhat-upgrade-rubygem-http-accept redhat-upgrade-rubygem-http-cookie redhat-upgrade-rubygem-jwt redhat-upgrade-rubygem-little-plugger redhat-upgrade-rubygem-locale redhat-upgrade-rubygem-logging redhat-upgrade-rubygem-mime-types redhat-upgrade-rubygem-mime-types-data redhat-upgrade-rubygem-multi_json redhat-upgrade-rubygem-netrc redhat-upgrade-rubygem-oauth redhat-upgrade-rubygem-oauth-tty redhat-upgrade-rubygem-powerbar redhat-upgrade-rubygem-rest-client redhat-upgrade-rubygem-snaky_hash redhat-upgrade-rubygem-unf redhat-upgrade-rubygem-unf_ext redhat-upgrade-rubygem-unf_ext-debuginfo redhat-upgrade-rubygem-unf_ext-debugsource redhat-upgrade-rubygem-unicode redhat-upgrade-rubygem-unicode-debuginfo redhat-upgrade-rubygem-unicode-debugsource redhat-upgrade-rubygem-unicode-display_width redhat-upgrade-rubygem-version_gem redhat-upgrade-satellite-cli redhat-upgrade-satellite-clone redhat-upgrade-satellite-maintain References CVE-2023-40267
  21. Red Hat: CVE-2023-3823: XML loading external entity without being enabled (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 08/11/2023 Created 11/01/2023 Added 11/01/2023 Modified 02/10/2025 Description In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appropriate function. However, since the state is process-global, other modules - such as ImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and leave it in a state where external entities loading is enabled. This can lead to the situation where external XML is parsed with external entities loaded, which can lead to disclosure of any local files accessible to PHP. This vulnerable state may persist in the same process across many requests, until the process is shut down. Solution(s) redhat-upgrade-apcu-panel redhat-upgrade-libzip redhat-upgrade-libzip-debuginfo redhat-upgrade-libzip-debugsource redhat-upgrade-libzip-devel redhat-upgrade-libzip-tools redhat-upgrade-libzip-tools-debuginfo redhat-upgrade-php redhat-upgrade-php-bcmath redhat-upgrade-php-bcmath-debuginfo redhat-upgrade-php-cli redhat-upgrade-php-cli-debuginfo redhat-upgrade-php-common redhat-upgrade-php-common-debuginfo redhat-upgrade-php-dba redhat-upgrade-php-dba-debuginfo redhat-upgrade-php-dbg redhat-upgrade-php-dbg-debuginfo redhat-upgrade-php-debuginfo redhat-upgrade-php-debugsource redhat-upgrade-php-devel redhat-upgrade-php-embedded redhat-upgrade-php-embedded-debuginfo redhat-upgrade-php-enchant redhat-upgrade-php-enchant-debuginfo redhat-upgrade-php-ffi redhat-upgrade-php-ffi-debuginfo redhat-upgrade-php-fpm redhat-upgrade-php-fpm-debuginfo redhat-upgrade-php-gd redhat-upgrade-php-gd-debuginfo redhat-upgrade-php-gmp redhat-upgrade-php-gmp-debuginfo redhat-upgrade-php-intl redhat-upgrade-php-intl-debuginfo redhat-upgrade-php-json redhat-upgrade-php-json-debuginfo redhat-upgrade-php-ldap redhat-upgrade-php-ldap-debuginfo redhat-upgrade-php-mbstring redhat-upgrade-php-mbstring-debuginfo redhat-upgrade-php-mysqlnd redhat-upgrade-php-mysqlnd-debuginfo redhat-upgrade-php-odbc redhat-upgrade-php-odbc-debuginfo redhat-upgrade-php-opcache redhat-upgrade-php-opcache-debuginfo redhat-upgrade-php-pdo redhat-upgrade-php-pdo-debuginfo redhat-upgrade-php-pear redhat-upgrade-php-pecl-apcu redhat-upgrade-php-pecl-apcu-debuginfo redhat-upgrade-php-pecl-apcu-debugsource redhat-upgrade-php-pecl-apcu-devel redhat-upgrade-php-pecl-rrd redhat-upgrade-php-pecl-rrd-debuginfo redhat-upgrade-php-pecl-rrd-debugsource redhat-upgrade-php-pecl-xdebug redhat-upgrade-php-pecl-xdebug-debuginfo redhat-upgrade-php-pecl-xdebug-debugsource redhat-upgrade-php-pecl-xdebug3 redhat-upgrade-php-pecl-xdebug3-debuginfo redhat-upgrade-php-pecl-xdebug3-debugsource redhat-upgrade-php-pecl-zip redhat-upgrade-php-pecl-zip-debuginfo redhat-upgrade-php-pecl-zip-debugsource redhat-upgrade-php-pgsql redhat-upgrade-php-pgsql-debuginfo redhat-upgrade-php-process redhat-upgrade-php-process-debuginfo redhat-upgrade-php-snmp redhat-upgrade-php-snmp-debuginfo redhat-upgrade-php-soap redhat-upgrade-php-soap-debuginfo redhat-upgrade-php-xml redhat-upgrade-php-xml-debuginfo redhat-upgrade-php-xmlrpc redhat-upgrade-php-xmlrpc-debuginfo References CVE-2023-3823 RHSA-2023:5926 RHSA-2023:5927 RHSA-2024:0387 RHSA-2024:10952
  22. Huawei EulerOS: CVE-2023-25775: kernel security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/11/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-25775 CVE - 2023-25775 EulerOS-SA-2023-3336
  23. Gentoo Linux: CVE-2023-3824: PHP: Multiple Vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/11/2023 Created 08/14/2024 Added 08/13/2024 Modified 01/28/2025 Description In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. Solution(s) gentoo-linux-upgrade-dev-lang-php References https://attackerkb.com/topics/cve-2023-3824 CVE - 2023-3824 202408-32
  24. Red Hat: CVE-2023-3824: phar Buffer mismanagement (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/11/2023 Created 11/01/2023 Added 11/01/2023 Modified 02/10/2025 Description In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. Solution(s) redhat-upgrade-apcu-panel redhat-upgrade-libzip redhat-upgrade-libzip-debuginfo redhat-upgrade-libzip-debugsource redhat-upgrade-libzip-devel redhat-upgrade-libzip-tools redhat-upgrade-libzip-tools-debuginfo redhat-upgrade-php redhat-upgrade-php-bcmath redhat-upgrade-php-bcmath-debuginfo redhat-upgrade-php-cli redhat-upgrade-php-cli-debuginfo redhat-upgrade-php-common redhat-upgrade-php-common-debuginfo redhat-upgrade-php-dba redhat-upgrade-php-dba-debuginfo redhat-upgrade-php-dbg redhat-upgrade-php-dbg-debuginfo redhat-upgrade-php-debuginfo redhat-upgrade-php-debugsource redhat-upgrade-php-devel redhat-upgrade-php-embedded redhat-upgrade-php-embedded-debuginfo redhat-upgrade-php-enchant redhat-upgrade-php-enchant-debuginfo redhat-upgrade-php-ffi redhat-upgrade-php-ffi-debuginfo redhat-upgrade-php-fpm redhat-upgrade-php-fpm-debuginfo redhat-upgrade-php-gd redhat-upgrade-php-gd-debuginfo redhat-upgrade-php-gmp redhat-upgrade-php-gmp-debuginfo redhat-upgrade-php-intl redhat-upgrade-php-intl-debuginfo redhat-upgrade-php-json redhat-upgrade-php-json-debuginfo redhat-upgrade-php-ldap redhat-upgrade-php-ldap-debuginfo redhat-upgrade-php-mbstring redhat-upgrade-php-mbstring-debuginfo redhat-upgrade-php-mysqlnd redhat-upgrade-php-mysqlnd-debuginfo redhat-upgrade-php-odbc redhat-upgrade-php-odbc-debuginfo redhat-upgrade-php-opcache redhat-upgrade-php-opcache-debuginfo redhat-upgrade-php-pdo redhat-upgrade-php-pdo-debuginfo redhat-upgrade-php-pear redhat-upgrade-php-pecl-apcu redhat-upgrade-php-pecl-apcu-debuginfo redhat-upgrade-php-pecl-apcu-debugsource redhat-upgrade-php-pecl-apcu-devel redhat-upgrade-php-pecl-rrd redhat-upgrade-php-pecl-rrd-debuginfo redhat-upgrade-php-pecl-rrd-debugsource redhat-upgrade-php-pecl-xdebug redhat-upgrade-php-pecl-xdebug-debuginfo redhat-upgrade-php-pecl-xdebug-debugsource redhat-upgrade-php-pecl-xdebug3 redhat-upgrade-php-pecl-xdebug3-debuginfo redhat-upgrade-php-pecl-xdebug3-debugsource redhat-upgrade-php-pecl-zip redhat-upgrade-php-pecl-zip-debuginfo redhat-upgrade-php-pecl-zip-debugsource redhat-upgrade-php-pgsql redhat-upgrade-php-pgsql-debuginfo redhat-upgrade-php-process redhat-upgrade-php-process-debuginfo redhat-upgrade-php-snmp redhat-upgrade-php-snmp-debuginfo redhat-upgrade-php-soap redhat-upgrade-php-soap-debuginfo redhat-upgrade-php-xml redhat-upgrade-php-xml-debuginfo redhat-upgrade-php-xmlrpc redhat-upgrade-php-xmlrpc-debuginfo References CVE-2023-3824 RHSA-2023:5926 RHSA-2023:5927 RHSA-2024:0387 RHSA-2024:10952
  25. Debian: CVE-2022-27635: firmware-nonfree -- security update Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/11/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/28/2025 Description Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) debian-upgrade-firmware-nonfree References https://attackerkb.com/topics/cve-2022-27635 CVE - 2022-27635 DLA-3596-1