ISHACK AI BOT

Oracle Linux: CVE-2023-3446: ELSA-2024-2264:edk2 security update (IMPORTANT) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 07/19/2023 Created 12/21/2023 Added 12/19/2023 Modified 12/05/2024 Description Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. A vulnerability was found in OpenSSL. This security flaw occurs because the applications that use the DH_check(), DH_check_ex(), or EVP_PKEY_param_check() functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source may lead to a denial of service. Solution(s) oracle-linux-upgrade-edk2-aarch64 oracle-linux-upgrade-edk2-ovmf oracle-linux-upgrade-edk2-tools oracle-linux-upgrade-edk2-tools-doc References https://attackerkb.com/topics/cve-2023-3446 CVE - 2023-3446 ELSA-2024-2264 ELSA-2024-0888 ELSA-2024-12056 ELSA-2023-7877 ELSA-2024-2447

Debian: CVE-2023-3446: openssl -- security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 07/19/2023 Created 08/17/2023 Added 08/17/2023 Modified 01/30/2025 Description Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. Solution(s) debian-upgrade-openssl References https://attackerkb.com/topics/cve-2023-3446 CVE - 2023-3446 DLA-3530-1

Oracle Linux: CVE-2022-2127: ELSA-2023-7139:samba security, bug fix, and enhancement update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 07/19/2023 Created 11/18/2023 Added 11/16/2023 Modified 12/05/2024 Description An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash. Solution(s) oracle-linux-upgrade-evolution-mapi oracle-linux-upgrade-evolution-mapi-langpacks oracle-linux-upgrade-libnetapi oracle-linux-upgrade-libnetapi-devel oracle-linux-upgrade-libsmbclient oracle-linux-upgrade-libsmbclient-devel oracle-linux-upgrade-libwbclient oracle-linux-upgrade-libwbclient-devel oracle-linux-upgrade-openchange oracle-linux-upgrade-python3-samba oracle-linux-upgrade-python3-samba-dc oracle-linux-upgrade-python3-samba-devel oracle-linux-upgrade-python3-samba-test oracle-linux-upgrade-samba oracle-linux-upgrade-samba-client oracle-linux-upgrade-samba-client-libs oracle-linux-upgrade-samba-common oracle-linux-upgrade-samba-common-libs oracle-linux-upgrade-samba-common-tools oracle-linux-upgrade-samba-dcerpc oracle-linux-upgrade-samba-dc-libs oracle-linux-upgrade-samba-devel oracle-linux-upgrade-samba-krb5-printing oracle-linux-upgrade-samba-ldb-ldap-modules oracle-linux-upgrade-samba-libs oracle-linux-upgrade-samba-pidl oracle-linux-upgrade-samba-test oracle-linux-upgrade-samba-test-libs oracle-linux-upgrade-samba-tools oracle-linux-upgrade-samba-usershares oracle-linux-upgrade-samba-vfs-iouring oracle-linux-upgrade-samba-winbind oracle-linux-upgrade-samba-winbind-clients oracle-linux-upgrade-samba-winbind-krb5-locator oracle-linux-upgrade-samba-winbind-modules oracle-linux-upgrade-samba-winexe References https://attackerkb.com/topics/cve-2022-2127 CVE - 2022-2127 ELSA-2023-7139 ELSA-2023-6667

IBM AIX: openssl_advisory39 (CVE-2023-3446): Vulnerability in openssl affects AIX Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 07/19/2023 Created 09/13/2023 Added 09/12/2023 Modified 01/30/2025 Description Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. Solution(s) ibm-aix-openssl_advisory39 References https://attackerkb.com/topics/cve-2023-3446 CVE - 2023-3446 https://aix.software.ibm.com/aix/efixes/security/openssl_advisory39.asc

VMware Photon OS: CVE-2023-3446 Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 07/19/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-3446 CVE - 2023-3446

Amazon Linux AMI: CVE-2023-22049: Security patch for java-1.8.0-openjdk (ALAS-2023-1797) Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 07/18/2023 Created 08/10/2023 Added 08/09/2023 Modified 01/28/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries).Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.Successful attacks of this vulnerability can result inunauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). Solution(s) amazon-linux-upgrade-java-1-8-0-openjdk References ALAS-2023-1797 CVE-2023-22049

VMware Photon OS: CVE-2023-22058 Severity 5 CVSS (AV:N/AC:H/Au:M/C:N/I:N/A:C) Published 07/18/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL).Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-22058 CVE - 2023-22058

Huawei EulerOS: CVE-2021-33294: elfutils security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 07/18/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows attackers to cause a denial of service (infinite loop) via crafted file. Solution(s) huawei-euleros-2_0_sp10-upgrade-elfutils References https://attackerkb.com/topics/cve-2021-33294 CVE - 2021-33294 EulerOS-SA-2023-3205

Alpine Linux: CVE-2023-22036: Vulnerability in Multiple Components Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:P) Published 07/18/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility).Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). Solution(s) alpine-linux-upgrade-openjdk11 alpine-linux-upgrade-openjdk17 References https://attackerkb.com/topics/cve-2023-22036 CVE - 2023-22036 https://security.alpinelinux.org/vuln/CVE-2023-22036

Alpine Linux: CVE-2023-22041: Vulnerability in Multiple Components Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 07/18/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot).Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.Successful attacks of this vulnerability can result inunauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.1 (Confidentiality impacts).CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N). Solution(s) alpine-linux-upgrade-openjdk11 alpine-linux-upgrade-openjdk17 References https://attackerkb.com/topics/cve-2023-22041 CVE - 2023-22041 https://security.alpinelinux.org/vuln/CVE-2023-22041

Alpine Linux: CVE-2023-22045: Vulnerability in Multiple Components Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 07/18/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot).Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.Successful attacks of this vulnerability can result inunauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). Solution(s) alpine-linux-upgrade-openjdk8 alpine-linux-upgrade-openjdk11 alpine-linux-upgrade-openjdk17 References https://attackerkb.com/topics/cve-2023-22045 CVE - 2023-22045 https://security.alpinelinux.org/vuln/CVE-2023-22045

Alpine Linux: CVE-2023-22049: Vulnerability in Multiple Components Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 07/18/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries).Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.Successful attacks of this vulnerability can result inunauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). Solution(s) alpine-linux-upgrade-openjdk8 alpine-linux-upgrade-openjdk11 alpine-linux-upgrade-openjdk17 References https://attackerkb.com/topics/cve-2023-22049 CVE - 2023-22049 https://security.alpinelinux.org/vuln/CVE-2023-22049

Debian: CVE-2023-38431: linux -- security update Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:C) Published 07/18/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-38431 CVE - 2023-38431

Debian: CVE-2023-38426: linux -- security update Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:C) Published 07/18/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in smb2_find_context_vals when create_context's name_len is larger than the tag length. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-38426 CVE - 2023-38426

OpenSSL vulnerability (CVE-2023-3446) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 07/19/2023 Created 06/06/2024 Added 06/05/2024 Modified 01/30/2025 Description Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. Solution(s) http-openssl-1_0_2-upgrade-1_0_2_z_i http-openssl-1_1_1-upgrade-1_1_1_v http-openssl-3_0_10-upgrade-3_0_10 http-openssl-3_1_2-upgrade-3_1_2 References https://attackerkb.com/topics/cve-2023-3446 CVE - 2023-3446

Google Chrome Vulnerability: CVE-2023-3727 Use after free in WebRTC Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/19/2023 Created 07/19/2023 Added 07/19/2023 Modified 01/28/2025 Description Use after free in WebRTC in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-3727 CVE - 2023-3727 https://crbug.com/1454086

Gentoo Linux: CVE-2023-3446: OpenSSL: Multiple Vulnerabilities Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 07/19/2023 Created 02/06/2024 Added 02/05/2024 Modified 01/30/2025 Description Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. Solution(s) gentoo-linux-upgrade-dev-libs-openssl References https://attackerkb.com/topics/cve-2023-3446 CVE - 2023-3446 202402-08

Ubuntu: USN-6238-1 (CVE-2023-34966): Samba vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/19/2023 Created 07/20/2023 Added 07/20/2023 Modified 01/30/2025 Description An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements in an array-like structure. By passing 0 as the count value, the attacked function will run in an endless loop consuming 100% CPU. This flaw allows an attacker to issue a malformed RPC request, triggering an infinite loop, resulting in a denial of service condition. Solution(s) ubuntu-upgrade-samba References https://attackerkb.com/topics/cve-2023-34966 CVE - 2023-34966 USN-6238-1

Red Hat: CVE-2023-3674: keylime: Attestation failure when the quote's signature does not validate (Multiple Advisories) Severity 1 CVSS (AV:L/AC:L/Au:M/C:N/I:P/A:N) Published 07/19/2023 Created 03/07/2024 Added 03/06/2024 Modified 09/03/2024 Description A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted. Solution(s) redhat-upgrade-keylime redhat-upgrade-keylime-base redhat-upgrade-keylime-registrar redhat-upgrade-keylime-selinux redhat-upgrade-keylime-tenant redhat-upgrade-keylime-verifier redhat-upgrade-python3-keylime References CVE-2023-3674 RHSA-2024:1139

Oracle Linux: CVE-2023-22053: ELSA-2024-1141:mysql security update (MODERATE) (Multiple Advisories) Severity 6 CVSS (AV:N/AC:H/Au:S/C:P/I:N/A:C) Published 07/18/2023 Created 02/24/2024 Added 02/22/2024 Modified 01/07/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs).Supported versions that are affected are 5.7.42 and prior and8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server andunauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H). Solution(s) oracle-linux-upgrade-mecab oracle-linux-upgrade-mecab-devel oracle-linux-upgrade-mecab-ipadic oracle-linux-upgrade-mecab-ipadic-eucjp oracle-linux-upgrade-mysql oracle-linux-upgrade-mysql-common oracle-linux-upgrade-mysql-devel oracle-linux-upgrade-mysql-errmsg oracle-linux-upgrade-mysql-libs oracle-linux-upgrade-mysql-server oracle-linux-upgrade-mysql-test References https://attackerkb.com/topics/cve-2023-22053 CVE - 2023-22053 ELSA-2024-1141 ELSA-2024-0894

Oracle Linux: CVE-2023-22045: ELSA-2023-4176:java-1.8.0-openjdk security and bug fix update (MODERATE) (Multiple Advisories) Severity 3 CVSS (AV:N/AC:H/Au:N/C:P/I:N/A:N) Published 07/18/2023 Created 07/25/2023 Added 07/21/2023 Modified 12/06/2024 Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot).Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.Successful attacks of this vulnerability can result inunauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). Solution(s) oracle-linux-upgrade-java-11-openjdk oracle-linux-upgrade-java-11-openjdk-demo oracle-linux-upgrade-java-11-openjdk-devel oracle-linux-upgrade-java-11-openjdk-headless oracle-linux-upgrade-java-11-openjdk-javadoc oracle-linux-upgrade-java-11-openjdk-javadoc-zip oracle-linux-upgrade-java-11-openjdk-jmods oracle-linux-upgrade-java-11-openjdk-src oracle-linux-upgrade-java-11-openjdk-static-libs oracle-linux-upgrade-java-17-openjdk oracle-linux-upgrade-java-17-openjdk-demo oracle-linux-upgrade-java-17-openjdk-demo-fastdebug oracle-linux-upgrade-java-17-openjdk-demo-slowdebug oracle-linux-upgrade-java-17-openjdk-devel oracle-linux-upgrade-java-17-openjdk-devel-fastdebug oracle-linux-upgrade-java-17-openjdk-devel-slowdebug oracle-linux-upgrade-java-17-openjdk-fastdebug oracle-linux-upgrade-java-17-openjdk-headless oracle-linux-upgrade-java-17-openjdk-headless-fastdebug oracle-linux-upgrade-java-17-openjdk-headless-slowdebug oracle-linux-upgrade-java-17-openjdk-javadoc oracle-linux-upgrade-java-17-openjdk-javadoc-zip oracle-linux-upgrade-java-17-openjdk-jmods oracle-linux-upgrade-java-17-openjdk-jmods-fastdebug oracle-linux-upgrade-java-17-openjdk-jmods-slowdebug oracle-linux-upgrade-java-17-openjdk-slowdebug oracle-linux-upgrade-java-17-openjdk-src oracle-linux-upgrade-java-17-openjdk-src-fastdebug oracle-linux-upgrade-java-17-openjdk-src-slowdebug oracle-linux-upgrade-java-17-openjdk-static-libs oracle-linux-upgrade-java-17-openjdk-static-libs-fastdebug oracle-linux-upgrade-java-17-openjdk-static-libs-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk oracle-linux-upgrade-java-1-8-0-openjdk-demo oracle-linux-upgrade-java-1-8-0-openjdk-demo-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-demo-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-devel oracle-linux-upgrade-java-1-8-0-openjdk-devel-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-devel-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-headless oracle-linux-upgrade-java-1-8-0-openjdk-headless-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-headless-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-javadoc oracle-linux-upgrade-java-1-8-0-openjdk-javadoc-zip oracle-linux-upgrade-java-1-8-0-openjdk-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-src oracle-linux-upgrade-java-1-8-0-openjdk-src-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-src-slowdebug References https://attackerkb.com/topics/cve-2023-22045 CVE - 2023-22045 ELSA-2023-4176 ELSA-2023-4177 ELSA-2023-4178 ELSA-2023-4159 ELSA-2023-4175 ELSA-2023-4158 ELSA-2023-4233 ELSA-2023-4166 View more

Oracle Linux: CVE-2023-22036: ELSA-2023-4177:java-17-openjdk security and bug fix update (MODERATE) (Multiple Advisories) Severity 3 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:P) Published 07/18/2023 Created 07/25/2023 Added 07/21/2023 Modified 12/06/2024 Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility).Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). Solution(s) oracle-linux-upgrade-java-11-openjdk oracle-linux-upgrade-java-11-openjdk-demo oracle-linux-upgrade-java-11-openjdk-devel oracle-linux-upgrade-java-11-openjdk-headless oracle-linux-upgrade-java-11-openjdk-javadoc oracle-linux-upgrade-java-11-openjdk-javadoc-zip oracle-linux-upgrade-java-11-openjdk-jmods oracle-linux-upgrade-java-11-openjdk-src oracle-linux-upgrade-java-11-openjdk-static-libs oracle-linux-upgrade-java-17-openjdk oracle-linux-upgrade-java-17-openjdk-demo oracle-linux-upgrade-java-17-openjdk-demo-fastdebug oracle-linux-upgrade-java-17-openjdk-demo-slowdebug oracle-linux-upgrade-java-17-openjdk-devel oracle-linux-upgrade-java-17-openjdk-devel-fastdebug oracle-linux-upgrade-java-17-openjdk-devel-slowdebug oracle-linux-upgrade-java-17-openjdk-fastdebug oracle-linux-upgrade-java-17-openjdk-headless oracle-linux-upgrade-java-17-openjdk-headless-fastdebug oracle-linux-upgrade-java-17-openjdk-headless-slowdebug oracle-linux-upgrade-java-17-openjdk-javadoc oracle-linux-upgrade-java-17-openjdk-javadoc-zip oracle-linux-upgrade-java-17-openjdk-jmods oracle-linux-upgrade-java-17-openjdk-jmods-fastdebug oracle-linux-upgrade-java-17-openjdk-jmods-slowdebug oracle-linux-upgrade-java-17-openjdk-slowdebug oracle-linux-upgrade-java-17-openjdk-src oracle-linux-upgrade-java-17-openjdk-src-fastdebug oracle-linux-upgrade-java-17-openjdk-src-slowdebug oracle-linux-upgrade-java-17-openjdk-static-libs oracle-linux-upgrade-java-17-openjdk-static-libs-fastdebug oracle-linux-upgrade-java-17-openjdk-static-libs-slowdebug References https://attackerkb.com/topics/cve-2023-22036 CVE - 2023-22036 ELSA-2023-4177 ELSA-2023-4159 ELSA-2023-4175 ELSA-2023-4158 ELSA-2023-4233

SUSE: CVE-2021-32256: SUSE Linux Security Advisory Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 07/18/2023 Created 08/16/2024 Added 08/09/2024 Modified 01/28/2025 Description An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c. Solution(s) suse-upgrade-binutils suse-upgrade-binutils-devel suse-upgrade-binutils-devel-32bit suse-upgrade-binutils-gold suse-upgrade-cross-aarch64-binutils suse-upgrade-cross-arm-binutils suse-upgrade-cross-avr-binutils suse-upgrade-cross-epiphany-binutils suse-upgrade-cross-hppa-binutils suse-upgrade-cross-hppa64-binutils suse-upgrade-cross-i386-binutils suse-upgrade-cross-ia64-binutils suse-upgrade-cross-m68k-binutils suse-upgrade-cross-mips-binutils suse-upgrade-cross-ppc-binutils suse-upgrade-cross-ppc64-binutils suse-upgrade-cross-ppc64le-binutils suse-upgrade-cross-riscv64-binutils suse-upgrade-cross-rx-binutils suse-upgrade-cross-s390-binutils suse-upgrade-cross-s390x-binutils suse-upgrade-cross-sparc-binutils suse-upgrade-cross-sparc64-binutils suse-upgrade-cross-spu-binutils suse-upgrade-cross-x86_64-binutils suse-upgrade-cross-xtensa-binutils suse-upgrade-libctf-nobfd0 suse-upgrade-libctf0 References https://attackerkb.com/topics/cve-2021-32256 CVE - 2021-32256

FreeBSD: VID-759A5599-3CE8-11EE-A0D1-84A93843EB75 (CVE-2023-22046): MySQL -- Multiple vulnerabilities Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 07/18/2023 Created 08/21/2023 Added 08/18/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) freebsd-upgrade-package-mysql-client57 freebsd-upgrade-package-mysql-client80 freebsd-upgrade-package-mysql-connector-c freebsd-upgrade-package-mysql-server57 freebsd-upgrade-package-mysql-server80 References CVE-2023-22046

FreeBSD: VID-759A5599-3CE8-11EE-A0D1-84A93843EB75 (CVE-2023-22057): MySQL -- Multiple vulnerabilities Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 07/18/2023 Created 08/21/2023 Added 08/18/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication).Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) freebsd-upgrade-package-mysql-client57 freebsd-upgrade-package-mysql-client80 freebsd-upgrade-package-mysql-connector-c freebsd-upgrade-package-mysql-server57 freebsd-upgrade-package-mysql-server80 References CVE-2023-22057