ISHACK AI BOT

VMware Photon OS: CVE-2023-2455 Severity 5 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 06/09/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-2455 CVE - 2023-2455

Amazon Linux 2023: CVE-2023-29404: Important priority package update for golang Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 06/08/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers. A flaw was found in golang. The go command may execute arbitrary code at build time when using cgo. This can occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This can be triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers. Solution(s) amazon-linux-2023-upgrade-golang amazon-linux-2023-upgrade-golang-bin amazon-linux-2023-upgrade-golang-docs amazon-linux-2023-upgrade-golang-misc amazon-linux-2023-upgrade-golang-shared amazon-linux-2023-upgrade-golang-src amazon-linux-2023-upgrade-golang-tests References https://attackerkb.com/topics/cve-2023-29404 CVE - 2023-29404 https://alas.aws.amazon.com/AL2023/ALAS-2023-269.html

SUSE: CVE-2023-29405: SUSE Linux Security Advisory Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/08/2023 Created 06/19/2023 Added 06/19/2023 Modified 01/28/2025 Description The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler. Solution(s) suse-upgrade-go1-19 suse-upgrade-go1-19-doc suse-upgrade-go1-19-race suse-upgrade-go1-20 suse-upgrade-go1-20-doc suse-upgrade-go1-20-race References https://attackerkb.com/topics/cve-2023-29405 CVE - 2023-29405

Amazon Linux AMI 2: CVE-2023-29404: Security patch for golang (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/08/2023 Created 07/27/2023 Added 07/27/2023 Modified 01/30/2025 Description The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers. Solution(s) amazon-linux-ami-2-upgrade-golang amazon-linux-ami-2-upgrade-golang-bin amazon-linux-ami-2-upgrade-golang-docs amazon-linux-ami-2-upgrade-golang-misc amazon-linux-ami-2-upgrade-golang-race amazon-linux-ami-2-upgrade-golang-shared amazon-linux-ami-2-upgrade-golang-src amazon-linux-ami-2-upgrade-golang-tests References https://attackerkb.com/topics/cve-2023-29404 AL2/ALAS-2023-2163 AL2/ALASGOLANG1.19-2023-001 CVE - 2023-29404

Amazon Linux AMI 2: CVE-2023-29402: Security patch for golang (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/08/2023 Created 07/21/2023 Added 07/21/2023 Modified 01/30/2025 Description The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via "go get", are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected). Solution(s) amazon-linux-ami-2-upgrade-golang amazon-linux-ami-2-upgrade-golang-bin amazon-linux-ami-2-upgrade-golang-docs amazon-linux-ami-2-upgrade-golang-misc amazon-linux-ami-2-upgrade-golang-race amazon-linux-ami-2-upgrade-golang-shared amazon-linux-ami-2-upgrade-golang-src amazon-linux-ami-2-upgrade-golang-tests References https://attackerkb.com/topics/cve-2023-29402 AL2/ALAS-2023-2131 AL2/ALASGOLANG1.19-2023-001 CVE - 2023-29402

Ubuntu: (Multiple Advisories) (CVE-2023-29403): Go vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 06/08/2023 Created 10/12/2024 Added 10/11/2024 Modified 01/28/2025 Description On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers. Solution(s) ubuntu-pro-upgrade-golang-1-17 ubuntu-pro-upgrade-golang-1-17-go ubuntu-pro-upgrade-golang-1-17-src ubuntu-pro-upgrade-golang-1-18 ubuntu-pro-upgrade-golang-1-18-go ubuntu-pro-upgrade-golang-1-18-src References https://attackerkb.com/topics/cve-2023-29403 CVE - 2023-29403 USN-7061-1 USN-7109-1

Alma Linux: CVE-2023-29403: Critical: go-toolset:rhel8 security update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 06/08/2023 Created 06/30/2023 Added 06/30/2023 Modified 01/28/2025 Description On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers. Solution(s) alma-upgrade-delve alma-upgrade-go-toolset alma-upgrade-golang alma-upgrade-golang-bin alma-upgrade-golang-docs alma-upgrade-golang-misc alma-upgrade-golang-race alma-upgrade-golang-src alma-upgrade-golang-tests References https://attackerkb.com/topics/cve-2023-29403 CVE - 2023-29403 https://errata.almalinux.org/8/ALSA-2023-3922.html https://errata.almalinux.org/9/ALSA-2023-3923.html

Alma Linux: CVE-2023-29405: Critical: go-toolset:rhel8 security update (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/08/2023 Created 06/30/2023 Added 06/30/2023 Modified 01/30/2025 Description The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler. Solution(s) alma-upgrade-delve alma-upgrade-go-toolset alma-upgrade-golang alma-upgrade-golang-bin alma-upgrade-golang-docs alma-upgrade-golang-misc alma-upgrade-golang-race alma-upgrade-golang-src alma-upgrade-golang-tests References https://attackerkb.com/topics/cve-2023-29405 CVE - 2023-29405 https://errata.almalinux.org/8/ALSA-2023-3922.html https://errata.almalinux.org/9/ALSA-2023-3923.html

Alma Linux: CVE-2023-29402: Critical: go-toolset:rhel8 security update (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/08/2023 Created 06/30/2023 Added 06/30/2023 Modified 01/30/2025 Description The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via "go get", are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected). Solution(s) alma-upgrade-delve alma-upgrade-go-toolset alma-upgrade-golang alma-upgrade-golang-bin alma-upgrade-golang-docs alma-upgrade-golang-misc alma-upgrade-golang-race alma-upgrade-golang-src alma-upgrade-golang-tests References https://attackerkb.com/topics/cve-2023-29402 CVE - 2023-29402 https://errata.almalinux.org/8/ALSA-2023-3922.html https://errata.almalinux.org/9/ALSA-2023-3923.html

Alma Linux: CVE-2023-34969: Moderate: dbus security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 06/08/2023 Created 08/10/2023 Added 08/09/2023 Modified 01/28/2025 Description D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6. Solution(s) alma-upgrade-dbus alma-upgrade-dbus-common alma-upgrade-dbus-daemon alma-upgrade-dbus-devel alma-upgrade-dbus-libs alma-upgrade-dbus-tools alma-upgrade-dbus-x11 References https://attackerkb.com/topics/cve-2023-34969 CVE - 2023-34969 https://errata.almalinux.org/8/ALSA-2023-4498.html https://errata.almalinux.org/9/ALSA-2023-4569.html

Gentoo Linux: CVE-2023-29405: Go: Multiple Vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/08/2023 Created 11/28/2023 Added 11/27/2023 Modified 01/30/2025 Description The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler. Solution(s) gentoo-linux-upgrade-dev-lang-go References https://attackerkb.com/topics/cve-2023-29405 CVE - 2023-29405 202311-09

Gentoo Linux: CVE-2023-29403: Go: Multiple Vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 06/08/2023 Created 11/28/2023 Added 11/27/2023 Modified 01/28/2025 Description On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers. Solution(s) gentoo-linux-upgrade-dev-lang-go References https://attackerkb.com/topics/cve-2023-29403 CVE - 2023-29403 202311-09

Gentoo Linux: CVE-2023-29402: Go: Multiple Vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/08/2023 Created 11/28/2023 Added 11/27/2023 Modified 01/30/2025 Description The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via "go get", are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected). Solution(s) gentoo-linux-upgrade-dev-lang-go References https://attackerkb.com/topics/cve-2023-29402 CVE - 2023-29402 202311-09

Amazon Linux AMI 2: CVE-2023-2455: Security patch for postgresql (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 06/09/2023 Created 09/28/2023 Added 09/28/2023 Modified 01/28/2025 Description Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. Solution(s) amazon-linux-ami-2-upgrade-postgresql amazon-linux-ami-2-upgrade-postgresql-contrib amazon-linux-ami-2-upgrade-postgresql-debuginfo amazon-linux-ami-2-upgrade-postgresql-docs amazon-linux-ami-2-upgrade-postgresql-llvmjit amazon-linux-ami-2-upgrade-postgresql-plperl amazon-linux-ami-2-upgrade-postgresql-plpython2 amazon-linux-ami-2-upgrade-postgresql-plpython3 amazon-linux-ami-2-upgrade-postgresql-pltcl amazon-linux-ami-2-upgrade-postgresql-private-devel amazon-linux-ami-2-upgrade-postgresql-private-libs amazon-linux-ami-2-upgrade-postgresql-server amazon-linux-ami-2-upgrade-postgresql-server-devel amazon-linux-ami-2-upgrade-postgresql-static amazon-linux-ami-2-upgrade-postgresql-test amazon-linux-ami-2-upgrade-postgresql-test-rpm-macros amazon-linux-ami-2-upgrade-postgresql-upgrade amazon-linux-ami-2-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2023-2455 AL2/ALASPOSTGRESQL11-2023-001 AL2/ALASPOSTGRESQL12-2023-001 AL2/ALASPOSTGRESQL13-2023-001 AL2/ALASPOSTGRESQL14-2023-001 CVE - 2023-2455

Huawei EulerOS: CVE-2023-2455: postgresql security update Severity 6 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 06/09/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. Solution(s) huawei-euleros-2_0_sp8-upgrade-postgresql huawei-euleros-2_0_sp8-upgrade-postgresql-contrib huawei-euleros-2_0_sp8-upgrade-postgresql-devel huawei-euleros-2_0_sp8-upgrade-postgresql-docs huawei-euleros-2_0_sp8-upgrade-postgresql-libs huawei-euleros-2_0_sp8-upgrade-postgresql-plperl huawei-euleros-2_0_sp8-upgrade-postgresql-plpython huawei-euleros-2_0_sp8-upgrade-postgresql-pltcl huawei-euleros-2_0_sp8-upgrade-postgresql-server huawei-euleros-2_0_sp8-upgrade-postgresql-test References https://attackerkb.com/topics/cve-2023-2455 CVE - 2023-2455 EulerOS-SA-2023-3146

Red Hat: CVE-2023-2455: postgresql: row security policies disregard user ID changes after inlining. (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 06/09/2023 Created 06/23/2023 Added 06/22/2023 Modified 01/28/2025 Description Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. Solution(s) redhat-upgrade-pg_repack redhat-upgrade-pg_repack-debuginfo redhat-upgrade-pg_repack-debugsource redhat-upgrade-pgaudit redhat-upgrade-pgaudit-debuginfo redhat-upgrade-pgaudit-debugsource redhat-upgrade-postgres-decoderbufs redhat-upgrade-postgres-decoderbufs-debuginfo redhat-upgrade-postgres-decoderbufs-debugsource redhat-upgrade-postgresql redhat-upgrade-postgresql-contrib redhat-upgrade-postgresql-contrib-debuginfo redhat-upgrade-postgresql-debuginfo redhat-upgrade-postgresql-debugsource redhat-upgrade-postgresql-docs redhat-upgrade-postgresql-docs-debuginfo redhat-upgrade-postgresql-plperl redhat-upgrade-postgresql-plperl-debuginfo redhat-upgrade-postgresql-plpython3 redhat-upgrade-postgresql-plpython3-debuginfo redhat-upgrade-postgresql-pltcl redhat-upgrade-postgresql-pltcl-debuginfo redhat-upgrade-postgresql-private-devel redhat-upgrade-postgresql-private-libs redhat-upgrade-postgresql-private-libs-debuginfo redhat-upgrade-postgresql-server redhat-upgrade-postgresql-server-debuginfo redhat-upgrade-postgresql-server-devel redhat-upgrade-postgresql-server-devel-debuginfo redhat-upgrade-postgresql-static redhat-upgrade-postgresql-test redhat-upgrade-postgresql-test-debuginfo redhat-upgrade-postgresql-test-rpm-macros redhat-upgrade-postgresql-upgrade redhat-upgrade-postgresql-upgrade-debuginfo redhat-upgrade-postgresql-upgrade-devel redhat-upgrade-postgresql-upgrade-devel-debuginfo References CVE-2023-2455 RHSA-2023:3714 RHSA-2023:4327 RHSA-2023:4527 RHSA-2023:4535 RHSA-2023:4539 RHSA-2023:5269 RHSA-2023:7545 RHSA-2023:7580 RHSA-2023:7666 View more

Debian: CVE-2023-34414: firefox-esr, thunderbird -- security update Severity 3 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:P) Published 06/09/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a site with a certificate error and made the renderer extremely busy at the same time, it could create a gap between when the error page was loaded and when the display actually refreshed. With the right timing the elicited clicks could land in that gap and activate the button that overrides the certificate error for that site. This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12. Solution(s) debian-upgrade-firefox-esr debian-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-34414 CVE - 2023-34414 DLA-3448-1 DSA-5421-1

CentOS Linux: CVE-2023-2455: Moderate: postgresql security update (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 06/09/2023 Created 06/23/2023 Added 06/22/2023 Modified 01/28/2025 Description Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. Solution(s) centos-upgrade-pg_repack centos-upgrade-pg_repack-debuginfo centos-upgrade-pg_repack-debugsource centos-upgrade-pgaudit centos-upgrade-pgaudit-debuginfo centos-upgrade-pgaudit-debugsource centos-upgrade-postgres-decoderbufs centos-upgrade-postgres-decoderbufs-debuginfo centos-upgrade-postgres-decoderbufs-debugsource centos-upgrade-postgresql centos-upgrade-postgresql-contrib centos-upgrade-postgresql-contrib-debuginfo centos-upgrade-postgresql-debuginfo centos-upgrade-postgresql-debugsource centos-upgrade-postgresql-docs centos-upgrade-postgresql-docs-debuginfo centos-upgrade-postgresql-plperl centos-upgrade-postgresql-plperl-debuginfo centos-upgrade-postgresql-plpython3 centos-upgrade-postgresql-plpython3-debuginfo centos-upgrade-postgresql-pltcl centos-upgrade-postgresql-pltcl-debuginfo centos-upgrade-postgresql-private-devel centos-upgrade-postgresql-private-libs centos-upgrade-postgresql-private-libs-debuginfo centos-upgrade-postgresql-server centos-upgrade-postgresql-server-debuginfo centos-upgrade-postgresql-server-devel centos-upgrade-postgresql-server-devel-debuginfo centos-upgrade-postgresql-static centos-upgrade-postgresql-test centos-upgrade-postgresql-test-debuginfo centos-upgrade-postgresql-test-rpm-macros centos-upgrade-postgresql-upgrade centos-upgrade-postgresql-upgrade-debuginfo centos-upgrade-postgresql-upgrade-devel centos-upgrade-postgresql-upgrade-devel-debuginfo References CVE-2023-2455

Debian: CVE-2023-34416: firefox-esr, thunderbird -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/09/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12. Solution(s) debian-upgrade-firefox-esr debian-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-34416 CVE - 2023-34416 DLA-3448-1 DSA-5421-1

CentOS Linux: CVE-2023-2454: Moderate: postgresql security update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 06/09/2023 Created 06/23/2023 Added 06/22/2023 Modified 01/28/2025 Description schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code. Solution(s) centos-upgrade-pg_repack centos-upgrade-pg_repack-debuginfo centos-upgrade-pg_repack-debugsource centos-upgrade-pgaudit centos-upgrade-pgaudit-debuginfo centos-upgrade-pgaudit-debugsource centos-upgrade-postgres-decoderbufs centos-upgrade-postgres-decoderbufs-debuginfo centos-upgrade-postgres-decoderbufs-debugsource centos-upgrade-postgresql centos-upgrade-postgresql-contrib centos-upgrade-postgresql-contrib-debuginfo centos-upgrade-postgresql-debuginfo centos-upgrade-postgresql-debugsource centos-upgrade-postgresql-docs centos-upgrade-postgresql-docs-debuginfo centos-upgrade-postgresql-plperl centos-upgrade-postgresql-plperl-debuginfo centos-upgrade-postgresql-plpython3 centos-upgrade-postgresql-plpython3-debuginfo centos-upgrade-postgresql-pltcl centos-upgrade-postgresql-pltcl-debuginfo centos-upgrade-postgresql-private-devel centos-upgrade-postgresql-private-libs centos-upgrade-postgresql-private-libs-debuginfo centos-upgrade-postgresql-server centos-upgrade-postgresql-server-debuginfo centos-upgrade-postgresql-server-devel centos-upgrade-postgresql-server-devel-debuginfo centos-upgrade-postgresql-static centos-upgrade-postgresql-test centos-upgrade-postgresql-test-debuginfo centos-upgrade-postgresql-test-rpm-macros centos-upgrade-postgresql-upgrade centos-upgrade-postgresql-upgrade-debuginfo centos-upgrade-postgresql-upgrade-devel centos-upgrade-postgresql-upgrade-devel-debuginfo References CVE-2023-2454

MongoDB Ops Manager Diagnostic Archive Sensitive Information Retriever Disclosed 06/09/2023 Created 04/12/2024 Description MongoDB Ops Manager Diagnostics Archive does not redact SAML SSL Pem Key File Password field (mms.saml.ssl.PEMKeyFilePassword) within app settings. Archives do not include the PEM files themselves. This module extracts that unredacted password and stores the diagnostic archive for additional manual review. This issue affects MongoDB Ops Manager v5.0 prior to 5.0.21 and MongoDB Ops Manager v6.0 prior to 6.0.12. API credentials with the role of GLOBAL_MONITORING_ADMIN or GLOBAL_OWNER are required. Successfully tested against MongoDB Ops Manager v6.0.11. Author(s) h00die Development Source Code History

Amazon Linux AMI 2: CVE-2023-2454: Security patch for postgresql (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 06/09/2023 Created 09/28/2023 Added 09/28/2023 Modified 01/28/2025 Description schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code. Solution(s) amazon-linux-ami-2-upgrade-postgresql amazon-linux-ami-2-upgrade-postgresql-contrib amazon-linux-ami-2-upgrade-postgresql-debuginfo amazon-linux-ami-2-upgrade-postgresql-devel amazon-linux-ami-2-upgrade-postgresql-docs amazon-linux-ami-2-upgrade-postgresql-libs amazon-linux-ami-2-upgrade-postgresql-llvmjit amazon-linux-ami-2-upgrade-postgresql-plperl amazon-linux-ami-2-upgrade-postgresql-plpython amazon-linux-ami-2-upgrade-postgresql-plpython2 amazon-linux-ami-2-upgrade-postgresql-plpython3 amazon-linux-ami-2-upgrade-postgresql-pltcl amazon-linux-ami-2-upgrade-postgresql-private-devel amazon-linux-ami-2-upgrade-postgresql-private-libs amazon-linux-ami-2-upgrade-postgresql-server amazon-linux-ami-2-upgrade-postgresql-server-devel amazon-linux-ami-2-upgrade-postgresql-static amazon-linux-ami-2-upgrade-postgresql-test amazon-linux-ami-2-upgrade-postgresql-test-rpm-macros amazon-linux-ami-2-upgrade-postgresql-upgrade amazon-linux-ami-2-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2023-2454 AL2/ALAS-2024-2462 AL2/ALASPOSTGRESQL11-2023-001 AL2/ALASPOSTGRESQL12-2023-001 AL2/ALASPOSTGRESQL13-2023-001 AL2/ALASPOSTGRESQL14-2023-001 CVE - 2023-2454

Amazon Linux AMI 2: CVE-2023-3141: Security patch for kernel (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 06/09/2023 Created 06/30/2023 Added 06/30/2023 Modified 01/28/2025 Description A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-318-240-529 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-184-174-730 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-3141 AL2/ALAS-2023-2100 AL2/ALASKERNEL-5.10-2023-034 AL2/ALASKERNEL-5.4-2023-047 CVE - 2023-3141

Alpine Linux: CVE-2023-29405: Injection Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/08/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler. Solution(s) alpine-linux-upgrade-go References https://attackerkb.com/topics/cve-2023-29405 CVE - 2023-29405 https://security.alpinelinux.org/vuln/CVE-2023-29405

Rocky Linux: CVE-2023-2454: postgresql-10 (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 06/09/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code. Solution(s) rocky-upgrade-pg_repack rocky-upgrade-pg_repack-debuginfo rocky-upgrade-pg_repack-debugsource rocky-upgrade-pgaudit rocky-upgrade-pgaudit-debuginfo rocky-upgrade-pgaudit-debugsource rocky-upgrade-postgres-decoderbufs rocky-upgrade-postgres-decoderbufs-debuginfo rocky-upgrade-postgres-decoderbufs-debugsource rocky-upgrade-postgresql rocky-upgrade-postgresql-contrib rocky-upgrade-postgresql-contrib-debuginfo rocky-upgrade-postgresql-debuginfo rocky-upgrade-postgresql-debugsource rocky-upgrade-postgresql-docs rocky-upgrade-postgresql-docs-debuginfo rocky-upgrade-postgresql-plperl rocky-upgrade-postgresql-plperl-debuginfo rocky-upgrade-postgresql-plpython3 rocky-upgrade-postgresql-plpython3-debuginfo rocky-upgrade-postgresql-pltcl rocky-upgrade-postgresql-pltcl-debuginfo rocky-upgrade-postgresql-private-devel rocky-upgrade-postgresql-private-libs rocky-upgrade-postgresql-private-libs-debuginfo rocky-upgrade-postgresql-server rocky-upgrade-postgresql-server-debuginfo rocky-upgrade-postgresql-server-devel rocky-upgrade-postgresql-server-devel-debuginfo rocky-upgrade-postgresql-static rocky-upgrade-postgresql-test rocky-upgrade-postgresql-test-debuginfo rocky-upgrade-postgresql-test-rpm-macros rocky-upgrade-postgresql-upgrade rocky-upgrade-postgresql-upgrade-debuginfo rocky-upgrade-postgresql-upgrade-devel rocky-upgrade-postgresql-upgrade-devel-debuginfo References https://attackerkb.com/topics/cve-2023-2454 CVE - 2023-2454 https://errata.rockylinux.org/RLSA-2023:3714 https://errata.rockylinux.org/RLSA-2023:4327 https://errata.rockylinux.org/RLSA-2023:4527 https://errata.rockylinux.org/RLSA-2023:4535 https://errata.rockylinux.org/RLSA-2023:4539