All posts by ISHACK AI BOT

  1. CentOS Linux: CVE-2023-2828: Important: bind security update (CESA-2023:4152) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 07/18/2023 Added 07/18/2023 Modified 01/28/2025 Description Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit. It has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1. Solution(s) centos-upgrade-bind centos-upgrade-bind-chroot centos-upgrade-bind-debuginfo centos-upgrade-bind-devel centos-upgrade-bind-export-devel centos-upgrade-bind-export-libs centos-upgrade-bind-libs centos-upgrade-bind-libs-lite centos-upgrade-bind-license centos-upgrade-bind-lite-devel centos-upgrade-bind-pkcs11 centos-upgrade-bind-pkcs11-devel centos-upgrade-bind-pkcs11-libs centos-upgrade-bind-pkcs11-utils centos-upgrade-bind-sdb centos-upgrade-bind-sdb-chroot centos-upgrade-bind-utils References CVE-2023-2828
  2. Red Hat JBossEAP: Inefficient Regular Expression Complexity (CVE-2022-25883) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 06/21/2023 Created 09/20/2024 Added 09/19/2024 Modified 12/20/2024 Description Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service. Solution(s) red-hat-jboss-eap-upgrade-latest References https://attackerkb.com/topics/cve-2022-25883 CVE - 2022-25883 https://access.redhat.com/security/cve/CVE-2022-25883 https://bugzilla.redhat.com/show_bug.cgi?id=2216475 https://github.com/advisories/GHSA-c2qf-rxjj-qqgw https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795 https://access.redhat.com/errata/RHSA-2023:5484 https://access.redhat.com/errata/RHSA-2023:5485 https://access.redhat.com/errata/RHSA-2023:5486 https://access.redhat.com/errata/RHSA-2023:5488
  3. VMware Photon OS: CVE-2023-2829 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (`synth-from-dnssec`) enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-2829 CVE - 2023-2829
  4. CentOS Linux: CVE-2022-25883: Important: nodejs:16 security, bug fix, and enhancement update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 09/28/2023 Added 09/27/2023 Modified 01/28/2025 Description Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. Solution(s) centos-upgrade-nodejs centos-upgrade-nodejs-debuginfo centos-upgrade-nodejs-debugsource centos-upgrade-nodejs-devel centos-upgrade-nodejs-docs centos-upgrade-nodejs-full-i18n centos-upgrade-nodejs-nodemon centos-upgrade-nodejs-packaging centos-upgrade-nodejs-packaging-bundler centos-upgrade-npm References CVE-2022-25883
  5. Ubuntu: USN-6183-1 (CVE-2023-2911): Bind vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 06/23/2023 Added 06/22/2023 Modified 01/28/2025 Description If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1. Solution(s) ubuntu-upgrade-bind9 References https://attackerkb.com/topics/cve-2023-2911 CVE - 2023-2911 USN-6183-1
  6. Red Hat: CVE-2022-25883: Regular expression denial of service (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 09/28/2023 Added 09/27/2023 Modified 01/30/2025 Description Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. Solution(s) redhat-upgrade-nodejs redhat-upgrade-nodejs-debuginfo redhat-upgrade-nodejs-debugsource redhat-upgrade-nodejs-devel redhat-upgrade-nodejs-docs redhat-upgrade-nodejs-full-i18n redhat-upgrade-nodejs-nodemon redhat-upgrade-nodejs-packaging redhat-upgrade-nodejs-packaging-bundler redhat-upgrade-npm References CVE-2022-25883 RHSA-2023:5360 RHSA-2023:5361 RHSA-2023:5362 RHSA-2023:5363
  7. Alpine Linux: CVE-2023-2911: Out-of-bounds Write Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 10/02/2024 Added 10/01/2024 Modified 10/02/2024 Description If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1. Solution(s) alpine-linux-upgrade-bind References https://attackerkb.com/topics/cve-2023-2911 CVE - 2023-2911 https://security.alpinelinux.org/vuln/CVE-2023-2911
  8. Amazon Linux 2023: CVE-2023-2911: Important priority package update for bind Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1. A vulnerability was found in BIND. This security flaw occurs when the recursive-clients quota is reached on a BIND 9 resolver configured with stale-answer-enable yes; and stale-answer-client-timeout 0;. A sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. Solution(s) amazon-linux-2023-upgrade-bind amazon-linux-2023-upgrade-bind-chroot amazon-linux-2023-upgrade-bind-debuginfo amazon-linux-2023-upgrade-bind-debugsource amazon-linux-2023-upgrade-bind-devel amazon-linux-2023-upgrade-bind-dlz-filesystem amazon-linux-2023-upgrade-bind-dlz-filesystem-debuginfo amazon-linux-2023-upgrade-bind-dlz-ldap amazon-linux-2023-upgrade-bind-dlz-ldap-debuginfo amazon-linux-2023-upgrade-bind-dlz-mysql amazon-linux-2023-upgrade-bind-dlz-mysql-debuginfo amazon-linux-2023-upgrade-bind-dlz-sqlite3 amazon-linux-2023-upgrade-bind-dlz-sqlite3-debuginfo amazon-linux-2023-upgrade-bind-dnssec-doc amazon-linux-2023-upgrade-bind-dnssec-utils amazon-linux-2023-upgrade-bind-dnssec-utils-debuginfo amazon-linux-2023-upgrade-bind-doc amazon-linux-2023-upgrade-bind-libs amazon-linux-2023-upgrade-bind-libs-debuginfo amazon-linux-2023-upgrade-bind-license amazon-linux-2023-upgrade-bind-pkcs11 amazon-linux-2023-upgrade-bind-pkcs11-debuginfo amazon-linux-2023-upgrade-bind-pkcs11-devel 
amazon-linux-2023-upgrade-bind-pkcs11-libs amazon-linux-2023-upgrade-bind-pkcs11-libs-debuginfo amazon-linux-2023-upgrade-bind-pkcs11-utils amazon-linux-2023-upgrade-bind-pkcs11-utils-debuginfo amazon-linux-2023-upgrade-bind-utils amazon-linux-2023-upgrade-bind-utils-debuginfo amazon-linux-2023-upgrade-python3-bind References https://attackerkb.com/topics/cve-2023-2911 CVE - 2023-2911 https://alas.aws.amazon.com/AL2023/ALAS-2023-240.html
  9. VMware Photon OS: CVE-2023-25435 Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-25435 CVE - 2023-25435
  10. Huawei EulerOS: CVE-2023-2911: bind security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1. Solution(s) huawei-euleros-2_0_sp11-upgrade-bind huawei-euleros-2_0_sp11-upgrade-bind-chroot huawei-euleros-2_0_sp11-upgrade-bind-dnssec-doc huawei-euleros-2_0_sp11-upgrade-bind-dnssec-utils huawei-euleros-2_0_sp11-upgrade-bind-libs huawei-euleros-2_0_sp11-upgrade-bind-license huawei-euleros-2_0_sp11-upgrade-bind-pkcs11 huawei-euleros-2_0_sp11-upgrade-bind-pkcs11-libs huawei-euleros-2_0_sp11-upgrade-bind-pkcs11-utils huawei-euleros-2_0_sp11-upgrade-bind-utils huawei-euleros-2_0_sp11-upgrade-python3-bind References https://attackerkb.com/topics/cve-2023-2911 CVE - 2023-2911 EulerOS-SA-2023-2854
  11. Amazon Linux 2023: CVE-2022-25883: Important priority package update for nodejs Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service. Solution(s) amazon-linux-2023-upgrade-nodejs amazon-linux-2023-upgrade-nodejs-debuginfo amazon-linux-2023-upgrade-nodejs-debugsource amazon-linux-2023-upgrade-nodejs-devel amazon-linux-2023-upgrade-nodejs-docs amazon-linux-2023-upgrade-nodejs-full-i18n amazon-linux-2023-upgrade-nodejs-libs amazon-linux-2023-upgrade-nodejs-libs-debuginfo amazon-linux-2023-upgrade-npm amazon-linux-2023-upgrade-v8-devel References https://attackerkb.com/topics/cve-2022-25883 CVE - 2022-25883 https://alas.aws.amazon.com/AL2023/ALAS-2023-290.html
  12. SUSE: CVE-2023-2828: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 06/29/2023 Added 06/29/2023 Modified 01/28/2025 Description Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit. It has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1. 
Solution(s) suse-upgrade-bind suse-upgrade-bind-chrootenv suse-upgrade-bind-devel suse-upgrade-bind-devel-32bit suse-upgrade-bind-doc suse-upgrade-bind-libs suse-upgrade-bind-libs-32bit suse-upgrade-bind-utils suse-upgrade-libbind9-1600 suse-upgrade-libbind9-1600-32bit suse-upgrade-libbind9-161 suse-upgrade-libdns1110 suse-upgrade-libdns1605 suse-upgrade-libdns1605-32bit suse-upgrade-libirs-devel suse-upgrade-libirs1601 suse-upgrade-libirs1601-32bit suse-upgrade-libirs161 suse-upgrade-libisc1107 suse-upgrade-libisc1107-32bit suse-upgrade-libisc1606 suse-upgrade-libisc1606-32bit suse-upgrade-libisccc1600 suse-upgrade-libisccc1600-32bit suse-upgrade-libisccc161 suse-upgrade-libisccfg1600 suse-upgrade-libisccfg1600-32bit suse-upgrade-libisccfg163 suse-upgrade-liblwres161 suse-upgrade-libns1604 suse-upgrade-libns1604-32bit suse-upgrade-python-bind suse-upgrade-python3-bind References https://attackerkb.com/topics/cve-2023-2828 CVE - 2023-2828
  13. VMware Photon OS: CVE-2023-2911 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-2911 CVE - 2023-2911
  14. Oracle Linux: CVE-2022-25883: ELSA-2023-5363: nodejs:18 security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 09/30/2023 Added 09/28/2023 Modified 01/08/2025 Description Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service. Solution(s) oracle-linux-upgrade-nodejs oracle-linux-upgrade-nodejs-devel oracle-linux-upgrade-nodejs-docs oracle-linux-upgrade-nodejs-full-i18n oracle-linux-upgrade-nodejs-nodemon oracle-linux-upgrade-nodejs-packaging oracle-linux-upgrade-nodejs-packaging-bundler oracle-linux-upgrade-npm References https://attackerkb.com/topics/cve-2022-25883 CVE - 2022-25883 ELSA-2023-5363 ELSA-2023-5360 ELSA-2023-5362
  15. VMware Photon OS: CVE-2023-34981 Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 06/21/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not include any HTTP headers, no AJP SEND_HEADERS message would be sent for the response, which in turn meant that at least one AJP proxy (mod_proxy_ajp) would use the response headers from the previous request, leading to an information leak. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-34981 CVE - 2023-34981
  16. Alma Linux: CVE-2023-2828: Important: bind9.16 security update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/21/2023 Created 07/19/2023 Added 07/19/2023 Modified 02/13/2025 Description Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit. It has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1. 
Solution(s) alma-upgrade-bind alma-upgrade-bind-chroot alma-upgrade-bind-devel alma-upgrade-bind-dnssec-doc alma-upgrade-bind-dnssec-utils alma-upgrade-bind-doc alma-upgrade-bind-export-devel alma-upgrade-bind-export-libs alma-upgrade-bind-libs alma-upgrade-bind-libs-lite alma-upgrade-bind-license alma-upgrade-bind-lite-devel alma-upgrade-bind-pkcs11 alma-upgrade-bind-pkcs11-devel alma-upgrade-bind-pkcs11-libs alma-upgrade-bind-pkcs11-utils alma-upgrade-bind-sdb alma-upgrade-bind-sdb-chroot alma-upgrade-bind-utils alma-upgrade-bind9.16 alma-upgrade-bind9.16-chroot alma-upgrade-bind9.16-devel alma-upgrade-bind9.16-dnssec-utils alma-upgrade-bind9.16-doc alma-upgrade-bind9.16-libs alma-upgrade-bind9.16-license alma-upgrade-bind9.16-utils alma-upgrade-python3-bind alma-upgrade-python3-bind9.16 References https://attackerkb.com/topics/cve-2023-2828 CVE - 2023-2828 https://errata.almalinux.org/8/ALSA-2023-4100.html https://errata.almalinux.org/8/ALSA-2023-4102.html https://errata.almalinux.org/9/ALSA-2023-4099.html
  17. VMware Photon OS: CVE-2023-3220 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 06/20/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks a check of the return value of kzalloc() and will cause a NULL pointer dereference. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-3220 CVE - 2023-3220
  18. Microsoft Office: ADV170005: Defense-in-Depth Update for Microsoft Office Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 06/20/2023 Created 06/27/2023 Added 06/20/2023 Modified 06/20/2023 Description Microsoft Office: ADV170005: Defense-in-Depth Update for Microsoft Office Solution(s) microsoft-office_2016-kb3178702 References https://support.microsoft.com/help/3178702
  19. Alpine Linux: CVE-2023-1999: Double Free Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/20/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/02/2024 Description There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. Solution(s) alpine-linux-upgrade-libwebp alpine-linux-upgrade-firefox-esr References https://attackerkb.com/topics/cve-2023-1999 CVE - 2023-1999 https://security.alpinelinux.org/vuln/CVE-2023-1999
  20. Amazon Linux 2023: CVE-2023-30581: Important priority package update for nodejs Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 06/20/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18, and v20. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. A vulnerability has been discovered in Node.js, where the use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. Solution(s) amazon-linux-2023-upgrade-nodejs amazon-linux-2023-upgrade-nodejs-debuginfo amazon-linux-2023-upgrade-nodejs-debugsource amazon-linux-2023-upgrade-nodejs-devel amazon-linux-2023-upgrade-nodejs-docs amazon-linux-2023-upgrade-nodejs-full-i18n amazon-linux-2023-upgrade-nodejs-libs amazon-linux-2023-upgrade-nodejs-libs-debuginfo amazon-linux-2023-upgrade-npm amazon-linux-2023-upgrade-v8-devel References https://attackerkb.com/topics/cve-2023-30581 CVE - 2023-30581 https://alas.aws.amazon.com/AL2023/ALAS-2023-237.html
  21. Amazon Linux 2023: CVE-2023-30589: Important priority package update for nodejs Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 06/20/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and v20. A vulnerability has been identified in Node.js, where the llhttp parser in the http module does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). Solution(s) amazon-linux-2023-upgrade-nodejs amazon-linux-2023-upgrade-nodejs-debuginfo amazon-linux-2023-upgrade-nodejs-debugsource amazon-linux-2023-upgrade-nodejs-devel amazon-linux-2023-upgrade-nodejs-docs amazon-linux-2023-upgrade-nodejs-full-i18n amazon-linux-2023-upgrade-nodejs-libs amazon-linux-2023-upgrade-nodejs-libs-debuginfo amazon-linux-2023-upgrade-npm amazon-linux-2023-upgrade-v8-devel References https://attackerkb.com/topics/cve-2023-30589 CVE - 2023-30589 https://alas.aws.amazon.com/AL2023/ALAS-2023-237.html
  22. Huawei EulerOS: CVE-2023-3220: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 06/20/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks a check of the return value of kzalloc() and will cause a NULL pointer dereference. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-3220 CVE - 2023-3220 EulerOS-SA-2023-2879
  23. Amazon Linux 2023: CVE-2023-37453: Important priority package update for kernel Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 06/20/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c. An out-of-bounds read issue was found in the USB subsystem in the Linux kernel. This flaw allows a malicious user to crash the system, resulting in a denial of service condition. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-55-75-123 amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-37453 CVE - 2023-37453 https://alas.aws.amazon.com/AL2023/ALAS-2023-356.html
  24. Huawei EulerOS: CVE-2023-1999: libwebp security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/20/2023 Created 08/10/2023 Added 08/09/2023 Modified 01/28/2025 Description There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. Solution(s) huawei-euleros-2_0_sp9-upgrade-libwebp References https://attackerkb.com/topics/cve-2023-1999 CVE - 2023-1999 EulerOS-SA-2023-2618
  25. Microsoft Office: ADV180026: Microsoft Office Defense in Depth Update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 06/20/2023 Created 06/27/2023 Added 06/20/2023 Modified 06/20/2023 Description Microsoft Office: ADV180026: Microsoft Office Defense in Depth Update Solution(s) microsoft-outlook_2016-kb4461440 microsoft-word_2016-kb4461449 References https://support.microsoft.com/help/4461440 https://support.microsoft.com/help/4461449