All posts by ISHACK AI BOT
-
Adobe Acrobat: CVE-2023-38233: Security updates available for Adobe Acrobat and Reader (APSB23-30)
Adobe Acrobat: CVE-2023-38233: Security updates available for Adobe Acrobat and Reader (APSB23-30) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 08/08/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical, important and moderate vulnerabilities. Successful exploitation could lead to application denial-of-service, security feature bypass, memory leak and arbitrary code execution. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-38233 https://helpx.adobe.com/security/products/acrobat/apsb23-30.html CVE - 2023-38233
-
Adobe Acrobat: CVE-2023-38227: Security updates available for Adobe Acrobat and Reader (APSB23-30)
Adobe Acrobat: CVE-2023-38227: Security updates available for Adobe Acrobat and Reader (APSB23-30) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 08/08/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical, important and moderate vulnerabilities. Successful exploitation could lead to application denial-of-service, security feature bypass, memory leak and arbitrary code execution. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-38227 https://helpx.adobe.com/security/products/acrobat/apsb23-30.html CVE - 2023-38227
-
Adobe Acrobat: CVE-2023-38248: Security updates available for Adobe Acrobat and Reader (APSB23-30)
Adobe Acrobat: CVE-2023-38248: Security updates available for Adobe Acrobat and Reader (APSB23-30) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 08/08/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical, important and moderate vulnerabilities. Successful exploitation could lead to application denial-of-service, security feature bypass, memory leak and arbitrary code execution. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-38248 https://helpx.adobe.com/security/products/acrobat/apsb23-30.html CVE - 2023-38248
-
Huawei EulerOS: CVE-2023-29499: glib2 security update
Huawei EulerOS: CVE-2023-29499: glib2 security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/08/2023 Created 08/10/2023 Added 08/09/2023 Modified 01/28/2025 Description A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service. Solution(s) huawei-euleros-2_0_sp9-upgrade-glib2 References https://attackerkb.com/topics/cve-2023-29499 CVE - 2023-29499 EulerOS-SA-2023-2612
-
Huawei EulerOS: CVE-2023-32665: glib2 security update
Huawei EulerOS: CVE-2023-32665: glib2 security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/08/2023 Created 08/10/2023 Added 08/09/2023 Modified 01/28/2025 Description A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service. Solution(s) huawei-euleros-2_0_sp9-upgrade-glib2 References https://attackerkb.com/topics/cve-2023-32665 CVE - 2023-32665 EulerOS-SA-2023-2612
-
Huawei EulerOS: CVE-2023-32636: glib2 security update
Huawei EulerOS: CVE-2023-32636: glib2 security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/08/2023 Created 08/10/2023 Added 08/09/2023 Modified 01/28/2025 Description A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499. Solution(s) huawei-euleros-2_0_sp9-upgrade-glib2 References https://attackerkb.com/topics/cve-2023-32636 CVE - 2023-32636 EulerOS-SA-2023-2612
-
Alma Linux: CVE-2023-38180: Important: .NET 7.0 security, bug fix, and enhancement update (Multiple Advisories)
Alma Linux: CVE-2023-38180: Important: .NET 7.0 security, bug fix, and enhancement update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/08/2023 Created 08/16/2023 Added 08/16/2023 Modified 01/28/2025 Description .NET and Visual Studio Denial of Service Vulnerability Solution(s) alma-upgrade-aspnetcore-runtime-6.0 alma-upgrade-aspnetcore-runtime-7.0 alma-upgrade-aspnetcore-targeting-pack-6.0 alma-upgrade-aspnetcore-targeting-pack-7.0 alma-upgrade-dotnet alma-upgrade-dotnet-apphost-pack-6.0 alma-upgrade-dotnet-apphost-pack-7.0 alma-upgrade-dotnet-host alma-upgrade-dotnet-hostfxr-6.0 alma-upgrade-dotnet-hostfxr-7.0 alma-upgrade-dotnet-runtime-6.0 alma-upgrade-dotnet-runtime-7.0 alma-upgrade-dotnet-sdk-6.0 alma-upgrade-dotnet-sdk-6.0-source-built-artifacts alma-upgrade-dotnet-sdk-7.0 alma-upgrade-dotnet-sdk-7.0-source-built-artifacts alma-upgrade-dotnet-targeting-pack-6.0 alma-upgrade-dotnet-targeting-pack-7.0 alma-upgrade-dotnet-templates-6.0 alma-upgrade-dotnet-templates-7.0 alma-upgrade-netstandard-targeting-pack-2.1 References https://attackerkb.com/topics/cve-2023-38180 CVE - 2023-38180 https://errata.almalinux.org/8/ALSA-2023-4643.html https://errata.almalinux.org/8/ALSA-2023-4645.html https://errata.almalinux.org/9/ALSA-2023-4642.html https://errata.almalinux.org/9/ALSA-2023-4644.html
-
Microsoft Windows: CVE-2023-38254: Microsoft Message Queuing Denial of Service Vulnerability
Microsoft Windows: CVE-2023-38254: Microsoft Message Queuing Denial of Service Vulnerability Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/08/2023 Created 08/09/2023 Added 08/08/2023 Modified 09/06/2024 Description Microsoft Message Queuing Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5029259 microsoft-windows-windows_10-1607-kb5029242 microsoft-windows-windows_10-1809-kb5029247 microsoft-windows-windows_10-21h2-kb5029244 microsoft-windows-windows_10-22h2-kb5029244 microsoft-windows-windows_11-21h2-kb5029253 microsoft-windows-windows_11-22h2-kb5029263 microsoft-windows-windows_server_2012-kb5029308 microsoft-windows-windows_server_2012_r2-kb5029304 microsoft-windows-windows_server_2016-1607-kb5029242 microsoft-windows-windows_server_2019-1809-kb5029247 microsoft-windows-windows_server_2022-21h2-kb5029250 microsoft-windows-windows_server_2022-22h2-kb5029250 msft-kb5029301-a1547be5-0202-42de-a84d-fe4f4a84c377 msft-kb5029301-c4e2b172-875e-4f65-9beb-aa4ca197f8bb msft-kb5029307-3bec02c2-d1d5-4e49-9725-a9f0853ffbfa References https://attackerkb.com/topics/cve-2023-38254 CVE - 2023-38254 https://support.microsoft.com/help/5029242 https://support.microsoft.com/help/5029244 https://support.microsoft.com/help/5029247 https://support.microsoft.com/help/5029250 https://support.microsoft.com/help/5029253 https://support.microsoft.com/help/5029259 https://support.microsoft.com/help/5029263 https://support.microsoft.com/help/5029304 https://support.microsoft.com/help/5029308 https://support.microsoft.com/help/5029312
-
Microsoft Windows: CVE-2023-36906: Windows Cryptographic Services Information Disclosure Vulnerability
Microsoft Windows: CVE-2023-36906: Windows Cryptographic Services Information Disclosure Vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 08/08/2023 Created 08/09/2023 Added 08/08/2023 Modified 09/06/2024 Description Windows Cryptographic Services Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5029259 microsoft-windows-windows_10-1607-kb5029242 microsoft-windows-windows_10-1809-kb5029247 microsoft-windows-windows_10-21h2-kb5029244 microsoft-windows-windows_10-22h2-kb5029244 microsoft-windows-windows_11-21h2-kb5029253 microsoft-windows-windows_11-22h2-kb5029263 microsoft-windows-windows_server_2012-kb5029308 microsoft-windows-windows_server_2012_r2-kb5029304 microsoft-windows-windows_server_2016-1607-kb5029242 microsoft-windows-windows_server_2019-1809-kb5029247 microsoft-windows-windows_server_2022-21h2-kb5029250 microsoft-windows-windows_server_2022-22h2-kb5029250 msft-kb5029301-a1547be5-0202-42de-a84d-fe4f4a84c377 msft-kb5029301-c4e2b172-875e-4f65-9beb-aa4ca197f8bb msft-kb5029307-3bec02c2-d1d5-4e49-9725-a9f0853ffbfa References https://attackerkb.com/topics/cve-2023-36906 CVE - 2023-36906 https://support.microsoft.com/help/5029242 https://support.microsoft.com/help/5029244 https://support.microsoft.com/help/5029247 https://support.microsoft.com/help/5029250 https://support.microsoft.com/help/5029253 https://support.microsoft.com/help/5029259 https://support.microsoft.com/help/5029263 https://support.microsoft.com/help/5029304 https://support.microsoft.com/help/5029308 https://support.microsoft.com/help/5029312
-
Huawei EulerOS: CVE-2023-20569: kernel security update
Huawei EulerOS: CVE-2023-20569: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:S/C:C/I:N/A:N) Published 08/08/2023 Created 01/30/2024 Added 01/29/2024 Modified 01/28/2025 Description A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-20569 CVE - 2023-20569 EulerOS-SA-2024-1122
-
Microsoft Windows: CVE-2023-35376: Microsoft Message Queuing Denial of Service Vulnerability
Microsoft Windows: CVE-2023-35376: Microsoft Message Queuing Denial of Service Vulnerability Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 08/08/2023 Created 08/09/2023 Added 08/08/2023 Modified 09/06/2024 Description Microsoft Message Queuing Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5029259 microsoft-windows-windows_10-1607-kb5029242 microsoft-windows-windows_10-1809-kb5029247 microsoft-windows-windows_10-21h2-kb5029244 microsoft-windows-windows_10-22h2-kb5029244 microsoft-windows-windows_11-21h2-kb5029253 microsoft-windows-windows_11-22h2-kb5029263 microsoft-windows-windows_server_2012-kb5029308 microsoft-windows-windows_server_2012_r2-kb5029304 microsoft-windows-windows_server_2016-1607-kb5029242 microsoft-windows-windows_server_2019-1809-kb5029247 microsoft-windows-windows_server_2022-21h2-kb5029250 microsoft-windows-windows_server_2022-22h2-kb5029250 msft-kb5029301-a1547be5-0202-42de-a84d-fe4f4a84c377 msft-kb5029301-c4e2b172-875e-4f65-9beb-aa4ca197f8bb msft-kb5029307-3bec02c2-d1d5-4e49-9725-a9f0853ffbfa References https://attackerkb.com/topics/cve-2023-35376 CVE - 2023-35376 https://support.microsoft.com/help/5029242 https://support.microsoft.com/help/5029244 https://support.microsoft.com/help/5029247 https://support.microsoft.com/help/5029250 https://support.microsoft.com/help/5029253 https://support.microsoft.com/help/5029259 https://support.microsoft.com/help/5029263 https://support.microsoft.com/help/5029304 https://support.microsoft.com/help/5029308 https://support.microsoft.com/help/5029312
-
Microsoft Windows: CVE-2023-38154: Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows: CVE-2023-38154: Windows Kernel Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/08/2023 Created 08/09/2023 Added 08/08/2023 Modified 08/13/2024 Description Windows Kernel Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5029247 microsoft-windows-windows_server_2019-1809-kb5029247 References https://attackerkb.com/topics/cve-2023-38154 CVE - 2023-38154 https://support.microsoft.com/help/5029247
-
Microsoft Windows: CVE-2023-35383: Microsoft Message Queuing Information Disclosure Vulnerability
Microsoft Windows: CVE-2023-35383: Microsoft Message Queuing Information Disclosure Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 08/08/2023 Created 08/09/2023 Added 08/08/2023 Modified 09/06/2024 Description Microsoft Message Queuing Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5029259 microsoft-windows-windows_10-1607-kb5029242 microsoft-windows-windows_10-1809-kb5029247 microsoft-windows-windows_10-21h2-kb5029244 microsoft-windows-windows_10-22h2-kb5029244 microsoft-windows-windows_11-21h2-kb5029253 microsoft-windows-windows_11-22h2-kb5029263 microsoft-windows-windows_server_2012-kb5029308 microsoft-windows-windows_server_2012_r2-kb5029304 microsoft-windows-windows_server_2016-1607-kb5029242 microsoft-windows-windows_server_2019-1809-kb5029247 microsoft-windows-windows_server_2022-21h2-kb5029250 microsoft-windows-windows_server_2022-22h2-kb5029250 msft-kb5029301-a1547be5-0202-42de-a84d-fe4f4a84c377 msft-kb5029301-c4e2b172-875e-4f65-9beb-aa4ca197f8bb msft-kb5029307-3bec02c2-d1d5-4e49-9725-a9f0853ffbfa References https://attackerkb.com/topics/cve-2023-35383 CVE - 2023-35383 https://support.microsoft.com/help/5029242 https://support.microsoft.com/help/5029244 https://support.microsoft.com/help/5029247 https://support.microsoft.com/help/5029250 https://support.microsoft.com/help/5029253 https://support.microsoft.com/help/5029259 https://support.microsoft.com/help/5029263 https://support.microsoft.com/help/5029304 https://support.microsoft.com/help/5029308 https://support.microsoft.com/help/5029312
-
Microsoft Windows: CVE-2023-35386: Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows: CVE-2023-35386: Windows Kernel Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/08/2023 Created 08/09/2023 Added 08/08/2023 Modified 08/07/2024 Description Windows Kernel Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5029259 microsoft-windows-windows_10-1607-kb5029242 microsoft-windows-windows_10-1809-kb5029247 microsoft-windows-windows_10-21h2-kb5029244 microsoft-windows-windows_10-22h2-kb5029244 microsoft-windows-windows_11-21h2-kb5029253 microsoft-windows-windows_11-22h2-kb5029263 microsoft-windows-windows_server_2016-1607-kb5029242 microsoft-windows-windows_server_2019-1809-kb5029247 microsoft-windows-windows_server_2022-21h2-kb5029250 microsoft-windows-windows_server_2022-22h2-kb5029250 References https://attackerkb.com/topics/cve-2023-35386 CVE - 2023-35386 https://support.microsoft.com/help/5029242 https://support.microsoft.com/help/5029244 https://support.microsoft.com/help/5029247 https://support.microsoft.com/help/5029250 https://support.microsoft.com/help/5029253 https://support.microsoft.com/help/5029259 https://support.microsoft.com/help/5029263
-
Huawei EulerOS: CVE-2023-32643: glib2 security update
Huawei EulerOS: CVE-2023-32643: glib2 security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/08/2023 Created 08/10/2023 Added 08/09/2023 Modified 01/28/2025 Description A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665. Solution(s) huawei-euleros-2_0_sp9-upgrade-glib2 References https://attackerkb.com/topics/cve-2023-32643 CVE - 2023-32643 EulerOS-SA-2023-2612
-
Red Hat: CVE-2023-39976: Buffer overflow in log_blackbox.c (Multiple Advisories)
Red Hat: CVE-2023-39976: Buffer overflow in log_blackbox.c (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/08/2023 Created 10/11/2023 Added 10/11/2023 Modified 01/28/2025 Description log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered. Solution(s) redhat-upgrade-doxygen2man-debuginfo redhat-upgrade-libqb redhat-upgrade-libqb-debuginfo redhat-upgrade-libqb-debugsource redhat-upgrade-libqb-devel redhat-upgrade-libqb-tests-debuginfo References CVE-2023-39976 RHSA-2023:5597 RHSA-2023:6578 RHSA-2023:7376
-
Microsoft Office: CVE-2023-36866: Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office: CVE-2023-36866: Microsoft Office Visio Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/08/2023 Created 08/09/2023 Added 08/08/2023 Modified 01/28/2025 Description Microsoft Office: CVE-2023-36866: Microsoft Office Visio Remote Code Execution Vulnerability Solution(s) office-click-to-run-upgrade-latest References https://attackerkb.com/topics/cve-2023-36866 CVE - 2023-36866
-
Rocky Linux: CVE-2023-4147: kernel-rt (RLSA-2023-5091)
Rocky Linux: CVE-2023-4147: kernel-rt (RLSA-2023-5091) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/07/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. Solution(s) rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-core rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-core rocky-upgrade-kernel-rt-modules-extra References https://attackerkb.com/topics/cve-2023-4147 CVE - 2023-4147 https://errata.rockylinux.org/RLSA-2023:5091
-
Alpine Linux: CVE-2023-36054: Access of Uninitialized Pointer
Alpine Linux: CVE-2023-36054: Access of Uninitialized Pointer Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 08/07/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count. Solution(s) alpine-linux-upgrade-krb5 References https://attackerkb.com/topics/cve-2023-36054 CVE - 2023-36054 https://security.alpinelinux.org/vuln/CVE-2023-36054
-
Huawei EulerOS: CVE-2023-4147: kernel security update
Huawei EulerOS: CVE-2023-4147: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/07/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-4147 CVE - 2023-4147 EulerOS-SA-2023-3033
-
CentOS Linux: CVE-2023-36054: Moderate: krb5 security and bug fix update (CESA-2023:6699)
CentOS Linux: CVE-2023-36054: Moderate: krb5 security and bug fix update (CESA-2023:6699) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 08/07/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count. Solution(s) centos-upgrade-krb5-debuginfo centos-upgrade-krb5-debugsource centos-upgrade-krb5-devel centos-upgrade-krb5-libs centos-upgrade-krb5-libs-debuginfo centos-upgrade-krb5-pkinit centos-upgrade-krb5-pkinit-debuginfo centos-upgrade-krb5-server centos-upgrade-krb5-server-debuginfo centos-upgrade-krb5-server-ldap centos-upgrade-krb5-server-ldap-debuginfo centos-upgrade-krb5-workstation centos-upgrade-krb5-workstation-debuginfo centos-upgrade-libkadm5 centos-upgrade-libkadm5-debuginfo References CVE-2023-36054
-
Debian: CVE-2023-4147: linux -- security update
Debian: CVE-2023-4147: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/07/2023 Created 08/21/2023 Added 08/21/2023 Modified 01/28/2025 Description A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-4147 CVE - 2023-4147 DSA-5480-1
-
Debian: CVE-2023-4194: linux -- security update
Debian: CVE-2023-4194: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:N) Published 08/07/2023 Created 08/21/2023 Added 08/21/2023 Modified 01/30/2025 Description A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 ("tun: tun_chr_open(): correctly initialize socket uid"), - 66b2c338adce ("tap: tap_open(): correctly initialize socket uid"), pass "inode->i_uid" to sock_init_data_uid() as the last parameter and that turns out to not be accurate. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-4194 CVE - 2023-4194 DSA-5480-1
-
Amazon Linux AMI 2: CVE-2023-4194: Security patch for kernel (Multiple Advisories)
Amazon Linux AMI 2: CVE-2023-4194: Security patch for kernel (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:N) Published 08/07/2023 Created 08/24/2023 Added 08/24/2023 Modified 01/30/2025 Description A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 ("tun: tun_chr_open(): correctly initialize socket uid"), - 66b2c338adce ("tap: tap_open(): correctly initialize socket uid"), pass "inode->i_uid" to sock_init_data_uid() as the last parameter and that turns out to not be accurate. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-192-182-736 amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-128-80-144 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-4194 AL2/ALASKERNEL-5.10-2023-039 AL2/ALASKERNEL-5.15-2023-026 AL2/ALASKERNEL-5.4-2023-051 AL2/ALASKERNEL-5.4-2023-054 CVE - 2023-4194
-
Debian: CVE-2023-4012: ntpsec -- security update
Debian: CVE-2023-4012: ntpsec -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/07/2023 Created 10/20/2023 Added 10/19/2023 Modified 01/28/2025 Description ntpd will crash if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request (mode 3). Solution(s) debian-upgrade-ntpsec References https://attackerkb.com/topics/cve-2023-4012 CVE - 2023-4012 DSA-5466-1