ISHACK AI BOT

CentOS Linux: CVE-2023-3417: Important: thunderbird security update (CESA-2023:4495) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 07/24/2023 Created 08/09/2023 Added 08/08/2023 Modified 01/28/2025 Description Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while infact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This vulnerability affects Thunderbird < 115.0.1 and Thunderbird < 102.13.1. Solution(s) centos-upgrade-thunderbird centos-upgrade-thunderbird-debuginfo References CVE-2023-3417

CentOS Linux: CVE-2023-3812: Important: kernel-rt security update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/24/2023 Created 11/30/2023 Added 11/29/2023 Modified 01/28/2025 Description An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system. Solution(s) centos-upgrade-kernel centos-upgrade-kernel-rt centos-upgrade-kpatch-patch-4_18_0-513_5_1 centos-upgrade-kpatch-patch-4_18_0-513_5_1-debuginfo centos-upgrade-kpatch-patch-4_18_0-513_5_1-debugsource centos-upgrade-kpatch-patch-5_14_0-362_13_1 centos-upgrade-kpatch-patch-5_14_0-362_13_1-debuginfo centos-upgrade-kpatch-patch-5_14_0-362_13_1-debugsource centos-upgrade-kpatch-patch-5_14_0-362_8_1 centos-upgrade-kpatch-patch-5_14_0-362_8_1-debuginfo centos-upgrade-kpatch-patch-5_14_0-362_8_1-debugsource References CVE-2023-3812

VMware Photon OS: CVE-2023-32258 Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 07/24/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_LOGOFF and SMB2_CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-32258 CVE - 2023-32258

Ubuntu: USN-6240-1 (CVE-2023-3748): FRR vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/24/2023 Created 07/25/2023 Added 07/25/2023 Modified 01/28/2025 Description A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service. Solution(s) ubuntu-upgrade-frr References https://attackerkb.com/topics/cve-2023-3748 CVE - 2023-3748 USN-6240-1

Ubuntu: USN-7094-1 (CVE-2023-3019): QEMU vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/24/2023 Created 11/12/2024 Added 11/11/2024 Modified 01/28/2025 Description A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. Solution(s) ubuntu-pro-upgrade-qemu ubuntu-pro-upgrade-qemu-system ubuntu-pro-upgrade-qemu-system-aarch64 ubuntu-pro-upgrade-qemu-system-arm ubuntu-pro-upgrade-qemu-system-common ubuntu-pro-upgrade-qemu-system-mips ubuntu-pro-upgrade-qemu-system-misc ubuntu-pro-upgrade-qemu-system-ppc ubuntu-pro-upgrade-qemu-system-s390x ubuntu-pro-upgrade-qemu-system-sparc ubuntu-pro-upgrade-qemu-system-x86 ubuntu-pro-upgrade-qemu-system-x86-microvm ubuntu-pro-upgrade-qemu-system-x86-xen ubuntu-pro-upgrade-qemu-system-xen References https://attackerkb.com/topics/cve-2023-3019 CVE - 2023-3019 USN-7094-1

Ubuntu: (Multiple Advisories) (CVE-2023-3863): Linux kernel (OEM) vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:M/C:C/I:N/A:N) Published 07/24/2023 Created 08/14/2023 Added 08/14/2023 Modified 01/28/2025 Description A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1124-oracle ubuntu-upgrade-linux-image-4-15-0-1145-kvm ubuntu-upgrade-linux-image-4-15-0-1155-gcp ubuntu-upgrade-linux-image-4-15-0-1161-aws ubuntu-upgrade-linux-image-4-15-0-1170-azure ubuntu-upgrade-linux-image-4-15-0-218-generic ubuntu-upgrade-linux-image-4-15-0-218-lowlatency ubuntu-upgrade-linux-image-4-4-0-1123-aws ubuntu-upgrade-linux-image-4-4-0-1124-kvm ubuntu-upgrade-linux-image-4-4-0-1161-aws ubuntu-upgrade-linux-image-4-4-0-245-generic ubuntu-upgrade-linux-image-4-4-0-245-lowlatency ubuntu-upgrade-linux-image-5-15-0-1030-gkeop ubuntu-upgrade-linux-image-5-15-0-1037-nvidia ubuntu-upgrade-linux-image-5-15-0-1037-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1040-ibm ubuntu-upgrade-linux-image-5-15-0-1040-raspi ubuntu-upgrade-linux-image-5-15-0-1043-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1044-gcp ubuntu-upgrade-linux-image-5-15-0-1044-gke ubuntu-upgrade-linux-image-5-15-0-1044-kvm ubuntu-upgrade-linux-image-5-15-0-1045-oracle ubuntu-upgrade-linux-image-5-15-0-1047-aws ubuntu-upgrade-linux-image-5-15-0-1049-azure ubuntu-upgrade-linux-image-5-15-0-1049-azure-fde ubuntu-upgrade-linux-image-5-15-0-86-generic ubuntu-upgrade-linux-image-5-15-0-86-generic-64k ubuntu-upgrade-linux-image-5-15-0-86-generic-lpae ubuntu-upgrade-linux-image-5-15-0-86-lowlatency ubuntu-upgrade-linux-image-5-15-0-86-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1023-iot ubuntu-upgrade-linux-image-5-4-0-1031-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1058-ibm ubuntu-upgrade-linux-image-5-4-0-1072-bluefield ubuntu-upgrade-linux-image-5-4-0-1078-gkeop ubuntu-upgrade-linux-image-5-4-0-1095-raspi ubuntu-upgrade-linux-image-5-4-0-1100-kvm ubuntu-upgrade-linux-image-5-4-0-1110-oracle ubuntu-upgrade-linux-image-5-4-0-1111-aws ubuntu-upgrade-linux-image-5-4-0-1115-gcp ubuntu-upgrade-linux-image-5-4-0-1117-azure ubuntu-upgrade-linux-image-5-4-0-164-generic ubuntu-upgrade-linux-image-5-4-0-164-generic-lpae ubuntu-upgrade-linux-image-5-4-0-164-lowlatency ubuntu-upgrade-linux-image-6-0-0-1021-oem ubuntu-upgrade-linux-image-6-1-0-1019-oem ubuntu-upgrade-linux-image-6-2-0-1008-starfive ubuntu-upgrade-linux-image-6-2-0-1009-starfive ubuntu-upgrade-linux-image-6-2-0-1011-nvidia ubuntu-upgrade-linux-image-6-2-0-1011-nvidia-64k ubuntu-upgrade-linux-image-6-2-0-1015-aws ubuntu-upgrade-linux-image-6-2-0-1015-oracle ubuntu-upgrade-linux-image-6-2-0-1016-azure ubuntu-upgrade-linux-image-6-2-0-1016-azure-fde ubuntu-upgrade-linux-image-6-2-0-1016-kvm ubuntu-upgrade-linux-image-6-2-0-1016-lowlatency ubuntu-upgrade-linux-image-6-2-0-1016-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1016-raspi ubuntu-upgrade-linux-image-6-2-0-1018-gcp ubuntu-upgrade-linux-image-6-2-0-36-generic ubuntu-upgrade-linux-image-6-2-0-36-generic-64k ubuntu-upgrade-linux-image-6-2-0-36-generic-lpae ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-2 ubuntu-upgrade-linux-image-nvidia-64k-6-2 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-starfive ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-3863 CVE - 2023-3863 USN-6285-1 USN-6385-1 USN-6388-1 USN-6396-1 USN-6396-2 USN-6396-3 USN-6416-1 USN-6416-2 USN-6416-3 USN-6417-1 USN-6445-1 USN-6445-2 USN-6464-1 USN-6466-1 USN-6520-1 View more

Google Chrome Vulnerability: CVE-2021-4318 Object corruption in Blink Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/24/2023 Created 07/25/2023 Added 07/24/2023 Modified 01/28/2025 Description Object corruption in Blink in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2021-4318 CVE - 2021-4318 https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html https://crbug.com/1237730

Red Hat: CVE-2023-3567: kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 07/24/2023 Created 01/27/2024 Added 01/26/2024 Modified 12/05/2024 Description A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-3567 RHSA-2024:0412 RHSA-2024:0431 RHSA-2024:0432 RHSA-2024:0439 RHSA-2024:0448 RHSA-2024:0575 RHSA-2024:2394 RHSA-2024:2950 RHSA-2024:3138 View more

CentOS Linux: CVE-2023-33951: Important: kernel security, bug fix, and enhancement update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:M/C:C/I:N/A:N) Published 07/24/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context of the kernel. Solution(s) centos-upgrade-kernel centos-upgrade-kernel-rt References CVE-2023-33951

Google Chrome Vulnerability: CVE-2021-4317 Use after free in ANGLE Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/24/2023 Created 07/25/2023 Added 07/24/2023 Modified 01/28/2025 Description Use after free in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2021-4317 CVE - 2021-4317 https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html https://crbug.com/1260783

Debian: CVE-2023-3738: chromium -- security update Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 07/24/2023 Created 07/25/2023 Added 07/24/2023 Modified 01/28/2025 Description Inappropriate implementation in Autofill in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-3738 CVE - 2023-3738 DSA-5456-1

Debian: CVE-2023-3740: chromium -- security update Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 07/24/2023 Created 07/25/2023 Added 07/24/2023 Modified 01/28/2025 Description Insufficient validation of untrusted input in Themes in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially serve malicious content to a user via a crafted background URL. (Chromium security severity: Low) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-3740 CVE - 2023-3740 DSA-5456-1

Debian: CVE-2023-3728: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/24/2023 Created 07/25/2023 Added 07/24/2023 Modified 01/28/2025 Description Use after free in WebRTC in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-3728 CVE - 2023-3728 DSA-5456-1

Debian: CVE-2023-3730: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/24/2023 Created 07/25/2023 Added 07/24/2023 Modified 01/28/2025 Description Use after free in Tab Groups in Google Chrome prior to 115.0.5790.98 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-3730 CVE - 2023-3730 DSA-5456-1

Debian: CVE-2023-3734: chromium -- security update Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 07/24/2023 Created 07/25/2023 Added 07/24/2023 Modified 01/28/2025 Description Inappropriate implementation in Picture In Picture in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-3734 CVE - 2023-3734 DSA-5456-1

Debian: CVE-2023-3735: chromium -- security update Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 07/24/2023 Created 07/25/2023 Added 07/24/2023 Modified 01/28/2025 Description Inappropriate implementation in Web API Permission Prompts in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-3735 CVE - 2023-3735 DSA-5456-1

Google Chrome Vulnerability: CVE-2022-4921 Use after free in Accessibility Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/24/2023 Created 07/25/2023 Added 07/24/2023 Modified 01/28/2025 Description Use after free in Accessibility in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2022-4921 CVE - 2022-4921 https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html https://crbug.com/1262902

Google Chrome Vulnerability: CVE-2022-4922 Inappropriate implementation in Blink Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 07/24/2023 Created 07/25/2023 Added 07/24/2023 Modified 01/28/2025 Description Inappropriate implementation in Blink in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2022-4922 CVE - 2022-4922 https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html https://crbug.com/1261191

Amazon Linux 2023: CVE-2023-3773: Important priority package update for kernel Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 07/23/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-49-69-116 amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-3773 CVE - 2023-3773 https://alas.aws.amazon.com/AL2023/ALAS-2023-330.html

VMware Photon OS: CVE-2023-2430 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in io_uring.c in Linux Kernel. This flaw allows a local attacker with user privilege to trigger a Denial of Service threat. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-2430 CVE - 2023-2430

Amazon Linux 2023: CVE-2023-4147: Important priority package update for kernel Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/23/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-49-69-116 amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-4147 CVE - 2023-4147 https://alas.aws.amazon.com/AL2023/ALAS-2023-330.html

Debian: CVE-2023-2430: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/23/2023 Created 10/20/2023 Added 10/19/2023 Modified 01/28/2025 Description A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in io_uring.c in Linux Kernel. This flaw allows a local attacker with user privilege to trigger a Denial of Service threat. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-2430 CVE - 2023-2430 DSA-5492 DSA-5492-1

Oracle Linux: CVE-2023-3773: ELSA-2023-6583:kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 07/23/2023 Created 11/18/2023 Added 11/16/2023 Modified 11/29/2024 Description A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-3773 CVE - 2023-3773 ELSA-2023-6583

Oracle Linux: CVE-2023-4147: ELSA-2023-5069:kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/23/2023 Created 09/18/2023 Added 09/15/2023 Modified 11/30/2024 Description A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-4147 CVE - 2023-4147 ELSA-2023-5069

SUSE: CVE-2023-38633: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 07/22/2023 Created 07/31/2023 Added 07/31/2023 Modified 01/28/2025 Description A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element. Solution(s) suse-upgrade-gdk-pixbuf-loader-rsvg suse-upgrade-gdk-pixbuf-loader-rsvg-32bit suse-upgrade-librsvg-2-2 suse-upgrade-librsvg-2-2-32bit suse-upgrade-librsvg-devel suse-upgrade-rsvg-convert suse-upgrade-rsvg-thumbnailer suse-upgrade-typelib-1_0-rsvg-2_0 References https://attackerkb.com/topics/cve-2023-38633 CVE - 2023-38633 DSA-5484