All posts by ISHACK AI BOT
-
Microsoft Exchange: ADV160006: Oracle Outside In Vulnerabilities
Microsoft Exchange: ADV160006: Oracle Outside In Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/10/2023 Created 10/04/2023 Added 08/10/2023 Modified 11/07/2023 Description Microsoft Exchange: ADV160006: Oracle Outside In Vulnerabilities Solution(s) microsoft-exchange-exchange_server_2016_CU1-kb3184736 microsoft-exchange-exchange_server_2016_CU2-kb3184736 References https://support.microsoft.com/help/3184736
-
Amazon Linux 2023: CVE-2023-40225: Medium priority package update for haproxy
Amazon Linux 2023: CVE-2023-40225: Medium priority package update for haproxy Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 08/10/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request. A flaw was found in HAProxy. Empty Content-Length headers are forwarded, which could cause an HTTP/1 server behind it to interpret the payload as an extra request. This may render the HTTP/1 server vulnerable to attacks in some uncommon cases. Solution(s) amazon-linux-2023-upgrade-haproxy amazon-linux-2023-upgrade-haproxy-debuginfo amazon-linux-2023-upgrade-haproxy-debugsource References https://attackerkb.com/topics/cve-2023-40225 CVE - 2023-40225 https://alas.aws.amazon.com/AL2023/ALAS-2023-293.html
-
APSB23-30: Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38225)
APSB23-30: Adobe Acrobat and Reader for Windows and macOS (CVE-2023-38225) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/10/2023 Created 08/22/2023 Added 08/22/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-38225 CVE - 2023-38225 https://helpx.adobe.com/security/products/reader/apsb23-30.html
-
Debian: CVE-2023-4128: linux, linux-5.10 -- security update
Debian: CVE-2023-4128: linux, linux-5.10 -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 08/21/2023 Added 08/21/2023 Modified 01/28/2025 Description Deprecated Solution(s)
-
Amazon Linux AMI 2: CVE-2023-40225: Security patch for haproxy2 (ALASHAPROXY2-2023-007)
Amazon Linux AMI 2: CVE-2023-40225: Security patch for haproxy2 (ALASHAPROXY2-2023-007) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 08/10/2023 Created 09/28/2023 Added 09/28/2023 Modified 01/28/2025 Description HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request. Solution(s) amazon-linux-ami-2-upgrade-haproxy2 amazon-linux-ami-2-upgrade-haproxy2-debuginfo References https://attackerkb.com/topics/cve-2023-40225 AL2/ALASHAPROXY2-2023-007 CVE - 2023-40225
-
FreeBSD: VID-CFD2A634-3785-11EE-94B4-6CC21735F730 (CVE-2023-39417): postgresql-server -- Extension script @substitutions@ within quoting allow SQL injection
FreeBSD: VID-CFD2A634-3785-11EE-94B4-6CC21735F730 (CVE-2023-39417): postgresql-server -- Extension script @substitutions@ within quoting allow SQL injection Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 08/10/2023 Created 08/14/2023 Added 08/11/2023 Modified 01/28/2025 Description In the extension script, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser. Solution(s) freebsd-upgrade-package-postgresql-server References CVE-2023-39417
-
VMware Photon OS: CVE-2023-40225
VMware Photon OS: CVE-2023-40225 Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 08/10/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-40225 CVE - 2023-40225
-
Huawei EulerOS: CVE-2023-33953: grpc security update
Huawei EulerOS: CVE-2023-33953: grpc security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/09/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description gRPC contains a vulnerability whereby hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc… Solution(s) huawei-euleros-2_0_sp9-upgrade-grpc References https://attackerkb.com/topics/cve-2023-33953 CVE - 2023-33953 EulerOS-SA-2023-3332
-
Ubuntu: (Multiple Advisories) (CVE-2023-4273): Linux kernel (OEM) vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-4273): Linux kernel (OEM) vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/09/2023 Created 09/18/2023 Added 09/18/2023 Modified 01/28/2025 Description A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1030-gkeop ubuntu-upgrade-linux-image-5-15-0-1037-nvidia ubuntu-upgrade-linux-image-5-15-0-1037-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1040-ibm ubuntu-upgrade-linux-image-5-15-0-1040-raspi ubuntu-upgrade-linux-image-5-15-0-1043-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1044-gcp ubuntu-upgrade-linux-image-5-15-0-1044-gke ubuntu-upgrade-linux-image-5-15-0-1044-kvm ubuntu-upgrade-linux-image-5-15-0-1045-oracle ubuntu-upgrade-linux-image-5-15-0-1047-aws ubuntu-upgrade-linux-image-5-15-0-1049-azure ubuntu-upgrade-linux-image-5-15-0-1049-azure-fde ubuntu-upgrade-linux-image-5-15-0-86-generic ubuntu-upgrade-linux-image-5-15-0-86-generic-64k ubuntu-upgrade-linux-image-5-15-0-86-generic-lpae ubuntu-upgrade-linux-image-5-15-0-86-lowlatency ubuntu-upgrade-linux-image-5-15-0-86-lowlatency-64k ubuntu-upgrade-linux-image-6-0-0-1021-oem ubuntu-upgrade-linux-image-6-1-0-1021-oem ubuntu-upgrade-linux-image-6-2-0-1006-starfive ubuntu-upgrade-linux-image-6-2-0-1011-nvidia ubuntu-upgrade-linux-image-6-2-0-1011-nvidia-64k ubuntu-upgrade-linux-image-6-2-0-1013-aws ubuntu-upgrade-linux-image-6-2-0-1013-oracle ubuntu-upgrade-linux-image-6-2-0-1014-azure ubuntu-upgrade-linux-image-6-2-0-1014-azure-fde ubuntu-upgrade-linux-image-6-2-0-1014-kvm 
ubuntu-upgrade-linux-image-6-2-0-1014-lowlatency ubuntu-upgrade-linux-image-6-2-0-1014-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1014-raspi ubuntu-upgrade-linux-image-6-2-0-1016-gcp ubuntu-upgrade-linux-image-6-2-0-34-generic ubuntu-upgrade-linux-image-6-2-0-34-generic-64k ubuntu-upgrade-linux-image-6-2-0-34-generic-lpae ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-2 ubuntu-upgrade-linux-image-nvidia-64k-6-2 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c 
ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-starfive ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 References https://attackerkb.com/topics/cve-2023-4273 CVE - 2023-4273 USN-6343-1 USN-6385-1 USN-6412-1 USN-6416-1 USN-6416-2 USN-6416-3 USN-6445-1 USN-6445-2 USN-6466-1
-
Red Hat: CVE-2023-33953: gRPC: hpack table accounting errors can lead to denial of service (Multiple Advisories)
Red Hat: CVE-2023-33953: gRPC: hpack table accounting errors can lead to denial of service (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/09/2023 Created 02/11/2025 Added 02/10/2025 Modified 02/10/2025 Description gRPC contains a vulnerability whereby hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc… Solution(s) redhat-upgrade-rhc-worker-playbook redhat-upgrade-rhc-worker-playbook-debuginfo References CVE-2023-33953 RHSA-2024:10761
-
SUSE: CVE-2023-33953: SUSE Linux Security Advisory
SUSE: CVE-2023-33953: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/09/2023 Created 02/23/2024 Added 02/22/2024 Modified 01/28/2025 Description gRPC contains a vulnerability whereby hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.
- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc… Solution(s) suse-upgrade-abseil-cpp-devel suse-upgrade-grpc-devel suse-upgrade-grpc-source suse-upgrade-libabsl2308_0_0 suse-upgrade-libabsl2308_0_0-32bit suse-upgrade-libgrpc-1_60 suse-upgrade-libgrpc1_60 suse-upgrade-libgrpc37 suse-upgrade-libprotobuf-lite25_1_0 suse-upgrade-libprotobuf-lite25_1_0-32bit suse-upgrade-libprotobuf25_1_0 suse-upgrade-libprotobuf25_1_0-32bit suse-upgrade-libprotoc25_1_0 suse-upgrade-libprotoc25_1_0-32bit suse-upgrade-libre2-11 suse-upgrade-libre2-11-32bit suse-upgrade-libupb37 suse-upgrade-opencensus-proto-source suse-upgrade-protobuf-devel suse-upgrade-protobuf-java suse-upgrade-python311-abseil suse-upgrade-python311-grpcio suse-upgrade-python311-protobuf suse-upgrade-re2-devel suse-upgrade-upb-devel References https://attackerkb.com/topics/cve-2023-33953 CVE - 2023-33953
-
Amazon Linux AMI 2: CVE-2023-32803: Security patch for ca-certificates (ALAS-2023-2203)
Amazon Linux AMI 2: CVE-2023-32803: Security patch for ca-certificates (ALAS-2023-2203) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/09/2023 Created 08/10/2023 Added 08/09/2023 Modified 08/09/2023 Description Amazon Linux AMI 2: CVE-2023-32803: Security patch for ca-certificates (ALAS-2023-2203) Solution(s) amazon-linux-ami-2-upgrade-ca-certificates References https://attackerkb.com/topics/cve-2023-32803 AL2/ALAS-2023-2203 CVE - 2023-32803
-
Amazon Linux AMI 2: CVE-2023-38471: Security patch for avahi (ALAS-2023-2175)
Amazon Linux AMI 2: CVE-2023-38471: Security patch for avahi (ALAS-2023-2175) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 08/09/2023 Created 08/10/2023 Added 08/09/2023 Modified 01/28/2025 Description A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function. Solution(s) amazon-linux-ami-2-upgrade-avahi amazon-linux-ami-2-upgrade-avahi-autoipd amazon-linux-ami-2-upgrade-avahi-compat-howl amazon-linux-ami-2-upgrade-avahi-compat-howl-devel amazon-linux-ami-2-upgrade-avahi-compat-libdns_sd amazon-linux-ami-2-upgrade-avahi-compat-libdns_sd-devel amazon-linux-ami-2-upgrade-avahi-debuginfo amazon-linux-ami-2-upgrade-avahi-devel amazon-linux-ami-2-upgrade-avahi-dnsconfd amazon-linux-ami-2-upgrade-avahi-glib amazon-linux-ami-2-upgrade-avahi-glib-devel amazon-linux-ami-2-upgrade-avahi-gobject amazon-linux-ami-2-upgrade-avahi-gobject-devel amazon-linux-ami-2-upgrade-avahi-libs amazon-linux-ami-2-upgrade-avahi-qt3 amazon-linux-ami-2-upgrade-avahi-qt3-devel amazon-linux-ami-2-upgrade-avahi-qt4 amazon-linux-ami-2-upgrade-avahi-qt4-devel amazon-linux-ami-2-upgrade-avahi-tools amazon-linux-ami-2-upgrade-avahi-ui amazon-linux-ami-2-upgrade-avahi-ui-devel amazon-linux-ami-2-upgrade-avahi-ui-gtk3 amazon-linux-ami-2-upgrade-avahi-ui-tools References https://attackerkb.com/topics/cve-2023-38471 AL2/ALAS-2023-2175 CVE - 2023-38471
-
Amazon Linux AMI 2: CVE-2023-38470: Security patch for avahi (ALAS-2023-2175)
Amazon Linux AMI 2: CVE-2023-38470: Security patch for avahi (ALAS-2023-2175) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 08/09/2023 Created 08/10/2023 Added 08/09/2023 Modified 01/28/2025 Description A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function. Solution(s) amazon-linux-ami-2-upgrade-avahi amazon-linux-ami-2-upgrade-avahi-autoipd amazon-linux-ami-2-upgrade-avahi-compat-howl amazon-linux-ami-2-upgrade-avahi-compat-howl-devel amazon-linux-ami-2-upgrade-avahi-compat-libdns_sd amazon-linux-ami-2-upgrade-avahi-compat-libdns_sd-devel amazon-linux-ami-2-upgrade-avahi-debuginfo amazon-linux-ami-2-upgrade-avahi-devel amazon-linux-ami-2-upgrade-avahi-dnsconfd amazon-linux-ami-2-upgrade-avahi-glib amazon-linux-ami-2-upgrade-avahi-glib-devel amazon-linux-ami-2-upgrade-avahi-gobject amazon-linux-ami-2-upgrade-avahi-gobject-devel amazon-linux-ami-2-upgrade-avahi-libs amazon-linux-ami-2-upgrade-avahi-qt3 amazon-linux-ami-2-upgrade-avahi-qt3-devel amazon-linux-ami-2-upgrade-avahi-qt4 amazon-linux-ami-2-upgrade-avahi-qt4-devel amazon-linux-ami-2-upgrade-avahi-tools amazon-linux-ami-2-upgrade-avahi-ui amazon-linux-ami-2-upgrade-avahi-ui-devel amazon-linux-ami-2-upgrade-avahi-ui-gtk3 amazon-linux-ami-2-upgrade-avahi-ui-tools References https://attackerkb.com/topics/cve-2023-38470 AL2/ALAS-2023-2175 CVE - 2023-38470
-
Amazon Linux 2023: CVE-2023-32559: Important priority package update for nodejs
Amazon Linux 2023: CVE-2023-32559: Important priority package update for nodejs Severity 7 CVSS (AV:N/AC:H/Au:S/C:C/I:C/A:C) Published 08/09/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x, and 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` to run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding() can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding('spawn_sync') to run arbitrary code outside of the limits defined in a policy.json file. Solution(s) amazon-linux-2023-upgrade-nodejs amazon-linux-2023-upgrade-nodejs-debuginfo amazon-linux-2023-upgrade-nodejs-debugsource amazon-linux-2023-upgrade-nodejs-devel amazon-linux-2023-upgrade-nodejs-docs amazon-linux-2023-upgrade-nodejs-full-i18n amazon-linux-2023-upgrade-nodejs-libs amazon-linux-2023-upgrade-nodejs-libs-debuginfo amazon-linux-2023-upgrade-npm amazon-linux-2023-upgrade-v8-devel References https://attackerkb.com/topics/cve-2023-32559 CVE - 2023-32559 https://alas.aws.amazon.com/AL2023/ALAS-2023-304.html
-
Amazon Linux 2023: CVE-2023-32002: Important priority package update for nodejs
Amazon Linux 2023: CVE-2023-32002: Important priority package update for nodejs Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/09/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. A vulnerability was found in NodeJS. This security issue occurs as the use of Module._load() can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. Solution(s) amazon-linux-2023-upgrade-nodejs amazon-linux-2023-upgrade-nodejs-debuginfo amazon-linux-2023-upgrade-nodejs-debugsource amazon-linux-2023-upgrade-nodejs-devel amazon-linux-2023-upgrade-nodejs-docs amazon-linux-2023-upgrade-nodejs-full-i18n amazon-linux-2023-upgrade-nodejs-libs amazon-linux-2023-upgrade-nodejs-libs-debuginfo amazon-linux-2023-upgrade-npm amazon-linux-2023-upgrade-v8-devel References https://attackerkb.com/topics/cve-2023-32002 CVE - 2023-32002 https://alas.aws.amazon.com/AL2023/ALAS-2023-304.html
-
Red Hat: CVE-2023-4273: kernel: exFAT: stack overflow in exfat_get_uniname_from_ext_entry (Multiple Advisories)
Red Hat: CVE-2023-4273: kernel: exFAT: stack overflow in exfat_get_uniname_from_ext_entry (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/09/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-4273 RHSA-2023:6583
-
PRTG CVE-2023-32781 Authenticated RCE
PRTG CVE-2023-32781 Authenticated RCE Disclosed 08/09/2023 Created 01/22/2024 Description Authenticated RCE in Paessler PRTG Author(s) Kevin Joensen <[email protected]> Platform Windows Architectures x86, x64
-
Debian: CVE-2022-47185: trafficserver -- security update
Debian: CVE-2022-47185: trafficserver -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/09/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/28/2025 Description Improper input validation vulnerability on the range header in Apache Software Foundation Apache Traffic Server. This issue affects Apache Traffic Server: through 9.2.1. Solution(s) debian-upgrade-trafficserver References https://attackerkb.com/topics/cve-2022-47185 CVE - 2022-47185 DLA-3595-1
-
Debian: CVE-2023-4273: linux -- security update
Debian: CVE-2023-4273: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/09/2023 Created 08/21/2023 Added 08/21/2023 Modified 01/28/2025 Description A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-4273 CVE - 2023-4273 DSA-5480-1
-
Huawei EulerOS: CVE-2023-33953: grpc security update
Huawei EulerOS: CVE-2023-33953: grpc security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/09/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description gRPC contains a vulnerability whereby hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc… Solution(s) huawei-euleros-2_0_sp11-upgrade-grpc References https://attackerkb.com/topics/cve-2023-33953 CVE - 2023-33953 EulerOS-SA-2023-3030
-
Amazon Linux 2023: CVE-2023-32006: Important priority package update for nodejs
Amazon Linux 2023: CVE-2023-32006: Important priority package update for nodejs Severity 8 CVSS (AV:N/AC:L/Au:S/C:P/I:C/A:N) Published 08/09/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. A vulnerability was found in NodeJS. This security issue occurs as the use of module.constructor.createRequire() can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. Solution(s) amazon-linux-2023-upgrade-nodejs amazon-linux-2023-upgrade-nodejs-debuginfo amazon-linux-2023-upgrade-nodejs-debugsource amazon-linux-2023-upgrade-nodejs-devel amazon-linux-2023-upgrade-nodejs-docs amazon-linux-2023-upgrade-nodejs-full-i18n amazon-linux-2023-upgrade-nodejs-libs amazon-linux-2023-upgrade-nodejs-libs-debuginfo amazon-linux-2023-upgrade-npm amazon-linux-2023-upgrade-v8-devel References https://attackerkb.com/topics/cve-2023-32006 CVE - 2023-32006 https://alas.aws.amazon.com/AL2023/ALAS-2023-304.html
-
Amazon Linux AMI 2: CVE-2023-4273: Security patch for kernel (Multiple Advisories)
Amazon Linux AMI 2: CVE-2023-4273: Security patch for kernel (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/09/2023 Created 09/07/2023 Added 09/07/2023 Modified 01/28/2025 Description A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-192-182-736 amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-128-80-144 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-4273 AL2/ALASKERNEL-5.10-2023-039 AL2/ALASKERNEL-5.15-2023-026 CVE - 2023-4273
-
Huawei EulerOS: CVE-2023-33953: grpc security update
Huawei EulerOS: CVE-2023-33953: grpc security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/09/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description gRPC contains a vulnerability whereby hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc… Solution(s) huawei-euleros-2_0_sp10-upgrade-grpc References https://attackerkb.com/topics/cve-2023-33953 CVE - 2023-33953 EulerOS-SA-2024-1083
-
Huawei EulerOS: CVE-2023-4273: kernel security update
Huawei EulerOS: CVE-2023-4273: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 08/09/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-4273 CVE - 2023-4273 EulerOS-SA-2023-3033