All posts published by ISHACK AI BOT
-
SUSE: CVE-2023-2801: SUSE Linux Security Advisory
SUSE: CVE-2023-2801: SUSE Linux Security Advisory Severity 6 CVSS (AV:N/AC:M/Au:S/C:N/I:N/A:C) Published 06/06/2023 Created 07/21/2023 Added 07/21/2023 Modified 01/28/2025 Description Grafana is an open-source platform for monitoring and observability. Using public dashboards, users can query multiple distinct data sources using mixed queries. However, such a query may crash a Grafana instance. The only feature that uses mixed queries at the moment is public dashboards, but it's also possible to cause this by calling the query API directly. This might enable malicious users to crash Grafana instances through that endpoint. Users may upgrade to version 9.4.12 and 9.5.3 to receive a fix. Solution(s) suse-upgrade-grafana References https://attackerkb.com/topics/cve-2023-2801 CVE - 2023-2801
-
Alpine Linux: CVE-2023-2602: Missing Release of Memory after Effective Lifetime
Alpine Linux: CVE-2023-2602: Missing Release of Memory after Effective Lifetime Severity 2 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:P) Published 06/06/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/02/2024 Description A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to cause __real_pthread_create() to return an error, which can exhaust the process memory. Solution(s) alpine-linux-upgrade-libcap References https://attackerkb.com/topics/cve-2023-2602 CVE - 2023-2602 https://security.alpinelinux.org/vuln/CVE-2023-2602
-
Rocky Linux: CVE-2023-33460: yajl (Multiple Advisories)
Rocky Linux: CVE-2023-33460: yajl (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 06/06/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/30/2025 Description There's a memory leak in yajl 2.1.0 with use of the yajl_tree_parse function, which will cause an out-of-memory condition in the server and cause a crash. Solution(s) rocky-upgrade-yajl rocky-upgrade-yajl-debuginfo rocky-upgrade-yajl-debugsource rocky-upgrade-yajl-devel References https://attackerkb.com/topics/cve-2023-33460 CVE - 2023-33460 https://errata.rockylinux.org/RLSA-2023:6551 https://errata.rockylinux.org/RLSA-2023:7057
-
Alpine Linux: CVE-2023-32683: Incorrect Authorization
Alpine Linux: CVE-2023-32683: Incorrect Authorization Severity 5 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 06/06/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. A discovered oEmbed or image URL can bypass the `url_preview_url_blacklist` setting, potentially allowing server-side request forgery or bypassing network policies. Impact is limited to IP addresses allowed by the `url_preview_ip_range_blacklist` setting (by default this only allows public IPs) and by the limited information returned to the client: 1. For discovered oEmbed URLs, any non-JSON response or a JSON response which includes non-oEmbed information is discarded. 2. For discovered image URLs, any non-image response is discarded. Systems which have URL preview disabled (via the `url_preview_enabled` setting) or have not configured a `url_preview_url_blacklist` are not affected. This issue has been addressed in version 1.85.0. Users are advised to upgrade. Users unable to upgrade may also disable URL previews. Solution(s) alpine-linux-upgrade-synapse References https://attackerkb.com/topics/cve-2023-32683 CVE - 2023-32683 https://security.alpinelinux.org/vuln/CVE-2023-32683
-
Alpine Linux: CVE-2023-2603: Integer Overflow or Wraparound
Alpine Linux: CVE-2023-2603: Integer Overflow or Wraparound Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 06/06/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/02/2024 Description A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB. Solution(s) alpine-linux-upgrade-libcap References https://attackerkb.com/topics/cve-2023-2603 CVE - 2023-2603 https://security.alpinelinux.org/vuln/CVE-2023-2603
-
SUSE: CVE-2023-2183: SUSE Linux Security Advisory
SUSE: CVE-2023-2183: SUSE Linux Security Advisory Severity 6 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 06/06/2023 Created 07/21/2023 Added 07/21/2023 Modified 01/28/2025 Description Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API, as the API does not check access to this function. This might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, preparing a phishing attack or blocking the SMTP server. Users may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix. Solution(s) suse-upgrade-grafana References https://attackerkb.com/topics/cve-2023-2183 CVE - 2023-2183
-
Red Hat: CVE-2023-2801: Moderate: Red Hat Ceph Storage 6.1 security, enhancements, and bug fix update (RHSA-2023:7740)
Red Hat: CVE-2023-2801: Moderate: Red Hat Ceph Storage 6.1 security, enhancements, and bug fix update (RHSA-2023:7740) Severity 6 CVSS (AV:N/AC:M/Au:S/C:N/I:N/A:C) Published 06/06/2023 Created 12/14/2023 Added 12/13/2023 Modified 01/28/2025 Description Grafana is an open-source platform for monitoring and observability. Using public dashboards, users can query multiple distinct data sources using mixed queries. However, such a query may crash a Grafana instance. The only feature that uses mixed queries at the moment is public dashboards, but it's also possible to cause this by calling the query API directly. This might enable malicious users to crash Grafana instances through that endpoint. Users may upgrade to version 9.4.12 and 9.5.3 to receive a fix. Solution(s) redhat-upgrade-ceph-base redhat-upgrade-ceph-base-debuginfo redhat-upgrade-ceph-common redhat-upgrade-ceph-common-debuginfo redhat-upgrade-ceph-debuginfo redhat-upgrade-ceph-debugsource redhat-upgrade-ceph-exporter-debuginfo redhat-upgrade-ceph-fuse redhat-upgrade-ceph-fuse-debuginfo redhat-upgrade-ceph-immutable-object-cache redhat-upgrade-ceph-immutable-object-cache-debuginfo redhat-upgrade-ceph-mds-debuginfo redhat-upgrade-ceph-mgr-debuginfo redhat-upgrade-ceph-mib redhat-upgrade-ceph-mon-debuginfo redhat-upgrade-ceph-osd-debuginfo redhat-upgrade-ceph-radosgw-debuginfo redhat-upgrade-ceph-resource-agents redhat-upgrade-ceph-selinux redhat-upgrade-ceph-test-debuginfo redhat-upgrade-cephadm redhat-upgrade-cephadm-ansible redhat-upgrade-cephfs-mirror-debuginfo redhat-upgrade-cephfs-top redhat-upgrade-libcephfs-devel redhat-upgrade-libcephfs2 redhat-upgrade-libcephfs2-debuginfo redhat-upgrade-libcephsqlite-debuginfo redhat-upgrade-librados-devel redhat-upgrade-librados-devel-debuginfo redhat-upgrade-libradospp-devel redhat-upgrade-libradosstriper1 redhat-upgrade-libradosstriper1-debuginfo redhat-upgrade-librbd-devel redhat-upgrade-librgw-devel redhat-upgrade-librgw2 
redhat-upgrade-librgw2-debuginfo redhat-upgrade-python3-ceph-argparse redhat-upgrade-python3-ceph-common redhat-upgrade-python3-cephfs redhat-upgrade-python3-cephfs-debuginfo redhat-upgrade-python3-rados redhat-upgrade-python3-rados-debuginfo redhat-upgrade-python3-rbd redhat-upgrade-python3-rbd-debuginfo redhat-upgrade-python3-rgw redhat-upgrade-python3-rgw-debuginfo redhat-upgrade-rbd-fuse-debuginfo redhat-upgrade-rbd-mirror-debuginfo redhat-upgrade-rbd-nbd redhat-upgrade-rbd-nbd-debuginfo References CVE-2023-2801
-
SUSE: CVE-2023-2602: SUSE Linux Security Advisory
SUSE: CVE-2023-2602: SUSE Linux Security Advisory Severity 2 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:P) Published 06/06/2023 Created 07/04/2023 Added 07/04/2023 Modified 01/28/2025 Description A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to cause __real_pthread_create() to return an error, which can exhaust the process memory. Solution(s) suse-upgrade-libcap-devel suse-upgrade-libcap-progs suse-upgrade-libcap2 suse-upgrade-libcap2-32bit suse-upgrade-libpsx2 suse-upgrade-libpsx2-32bit References https://attackerkb.com/topics/cve-2023-2602 CVE - 2023-2602
-
SUSE: CVE-2022-46165: SUSE Linux Security Advisory
SUSE: CVE-2022-46165: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:N) Published 06/06/2023 Created 07/10/2023 Added 07/10/2023 Modified 01/28/2025 Description Syncthing is an open source, continuous file synchronization program. In versions prior to 1.23.5 a compromised instance with shared folders could sync malicious files which contain arbitrary HTML and JavaScript in the name. If the owner of another device looks over the shared folder settings and moves the mouse over the latest sync, a script could be executed to change settings for shared folders or add devices automatically. Additionally adding a new device with a malicious name could embed HTML or JavaScript inside parts of the page. As a result the webUI may be subject to a stored cross site scripting attack. This issue has been addressed in version 1.23.5. Users are advised to upgrade. Users unable to upgrade should avoid sharing folders with untrusted users. Solution(s) suse-upgrade-syncthing suse-upgrade-syncthing-relaysrv References https://attackerkb.com/topics/cve-2022-46165 CVE - 2022-46165
-
MFSA2023-19 Firefox: Security Vulnerabilities fixed in Firefox ESR 102.12 (CVE-2023-34414)
MFSA2023-19 Firefox: Security Vulnerabilities fixed in Firefox ESR 102.12 (CVE-2023-34414) Severity 3 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:P) Published 06/06/2023 Created 06/07/2023 Added 06/07/2023 Modified 01/28/2025 Description The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a site with a certificate error and made the renderer extremely busy at the same time, it could create a gap between when the error page was loaded and when the display actually refreshed. With the right timing the elicited clicks could land in that gap and activate the button that overrides the certificate error for that site. This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12. Solution(s) mozilla-firefox-esr-upgrade-102_12 References https://attackerkb.com/topics/cve-2023-34414 CVE - 2023-34414 http://www.mozilla.org/security/announce/2023/mfsa2023-19.html
-
Amazon Linux AMI 2: CVE-2023-2602: Security patch for libcap (ALAS-2023-2136)
Amazon Linux AMI 2: CVE-2023-2602: Security patch for libcap (ALAS-2023-2136) Severity 2 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:P) Published 06/06/2023 Created 07/21/2023 Added 07/21/2023 Modified 01/28/2025 Description A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to cause __real_pthread_create() to return an error, which can exhaust the process memory. Solution(s) amazon-linux-ami-2-upgrade-libcap amazon-linux-ami-2-upgrade-libcap-debuginfo amazon-linux-ami-2-upgrade-libcap-devel amazon-linux-ami-2-upgrade-libcap-static References https://attackerkb.com/topics/cve-2023-2602 AL2/ALAS-2023-2136 CVE - 2023-2602
-
CentOS Linux: CVE-2023-2801: Moderate: Red Hat Ceph Storage 6.1 security, enhancements, and bug fix update (CESA-2023:7740)
CentOS Linux: CVE-2023-2801: Moderate: Red Hat Ceph Storage 6.1 security, enhancements, and bug fix update (CESA-2023:7740) Severity 6 CVSS (AV:N/AC:M/Au:S/C:N/I:N/A:C) Published 06/06/2023 Created 12/14/2023 Added 12/13/2023 Modified 01/28/2025 Description Grafana is an open-source platform for monitoring and observability. Using public dashboards, users can query multiple distinct data sources using mixed queries. However, such a query may crash a Grafana instance. The only feature that uses mixed queries at the moment is public dashboards, but it's also possible to cause this by calling the query API directly. This might enable malicious users to crash Grafana instances through that endpoint. Users may upgrade to version 9.4.12 and 9.5.3 to receive a fix. Solution(s) centos-upgrade-ceph-base centos-upgrade-ceph-base-debuginfo centos-upgrade-ceph-common centos-upgrade-ceph-common-debuginfo centos-upgrade-ceph-debuginfo centos-upgrade-ceph-debugsource centos-upgrade-ceph-exporter-debuginfo centos-upgrade-ceph-fuse centos-upgrade-ceph-fuse-debuginfo centos-upgrade-ceph-immutable-object-cache centos-upgrade-ceph-immutable-object-cache-debuginfo centos-upgrade-ceph-mds-debuginfo centos-upgrade-ceph-mgr-debuginfo centos-upgrade-ceph-mib centos-upgrade-ceph-mon-debuginfo centos-upgrade-ceph-osd-debuginfo centos-upgrade-ceph-radosgw-debuginfo centos-upgrade-ceph-resource-agents centos-upgrade-ceph-selinux centos-upgrade-ceph-test-debuginfo centos-upgrade-cephadm centos-upgrade-cephadm-ansible centos-upgrade-cephfs-mirror-debuginfo centos-upgrade-cephfs-top centos-upgrade-libcephfs-devel centos-upgrade-libcephfs2 centos-upgrade-libcephfs2-debuginfo centos-upgrade-libcephsqlite-debuginfo centos-upgrade-librados-devel centos-upgrade-librados-devel-debuginfo centos-upgrade-libradospp-devel centos-upgrade-libradosstriper1 centos-upgrade-libradosstriper1-debuginfo centos-upgrade-librbd-devel centos-upgrade-librgw-devel centos-upgrade-librgw2 
centos-upgrade-librgw2-debuginfo centos-upgrade-python3-ceph-argparse centos-upgrade-python3-ceph-common centos-upgrade-python3-cephfs centos-upgrade-python3-cephfs-debuginfo centos-upgrade-python3-rados centos-upgrade-python3-rados-debuginfo centos-upgrade-python3-rbd centos-upgrade-python3-rbd-debuginfo centos-upgrade-python3-rgw centos-upgrade-python3-rgw-debuginfo centos-upgrade-rbd-fuse-debuginfo centos-upgrade-rbd-mirror-debuginfo centos-upgrade-rbd-nbd centos-upgrade-rbd-nbd-debuginfo References CVE-2023-2801
-
Huawei EulerOS: CVE-2023-2602: libcap security update
Huawei EulerOS: CVE-2023-2602: libcap security update Severity 2 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:P) Published 06/06/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to cause __real_pthread_create() to return an error, which can exhaust the process memory. Solution(s) huawei-euleros-2_0_sp11-upgrade-libcap References https://attackerkb.com/topics/cve-2023-2602 CVE - 2023-2602 EulerOS-SA-2023-2690
-
CentOS Linux: CVE-2023-2602: Moderate: libcap security update (Multiple Advisories)
CentOS Linux: CVE-2023-2602: Moderate: libcap security update (Multiple Advisories) Severity 2 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:P) Published 06/06/2023 Created 08/10/2023 Added 08/09/2023 Modified 01/28/2025 Description A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to cause __real_pthread_create() to return an error, which can exhaust the process memory. Solution(s) centos-upgrade-libcap centos-upgrade-libcap-debuginfo centos-upgrade-libcap-debugsource centos-upgrade-libcap-devel References CVE-2023-2602
-
Ubuntu: (Multiple Advisories) (CVE-2023-33460): YAJL vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-33460): YAJL vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 06/06/2023 Created 07/19/2023 Added 07/19/2023 Modified 01/30/2025 Description There's a memory leak in yajl 2.1.0 with use of the yajl_tree_parse function, which will cause an out-of-memory condition in the server and cause a crash. Solution(s) ubuntu-pro-upgrade-libyajl2 References https://attackerkb.com/topics/cve-2023-33460 CVE - 2023-33460 USN-6233-1 USN-6233-2
-
SUSE: CVE-2023-33460: SUSE Linux Security Advisory
SUSE: CVE-2023-33460: SUSE Linux Security Advisory Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 06/06/2023 Created 08/15/2023 Added 08/15/2023 Modified 01/28/2025 Description There's a memory leak in yajl 2.1.0 with use of the yajl_tree_parse function, which will cause an out-of-memory condition in the server and cause a crash. Solution(s) suse-upgrade-libyajl-devel suse-upgrade-libyajl-devel-32bit suse-upgrade-libyajl-devel-static suse-upgrade-libyajl2 suse-upgrade-libyajl2-32bit suse-upgrade-yajl References https://attackerkb.com/topics/cve-2023-33460 CVE - 2023-33460
-
VMware Photon OS: CVE-2023-33460
VMware Photon OS: CVE-2023-33460 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/06/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description There's a memory leak in yajl 2.1.0 with use of the yajl_tree_parse function, which will cause an out-of-memory condition in the server and cause a crash. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-33460 CVE - 2023-33460
-
Debian: CVE-2023-31606: ruby-redcloth -- security update
Debian: CVE-2023-31606: ruby-redcloth -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/06/2023 Created 07/10/2023 Added 07/10/2023 Modified 01/28/2025 Description A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. Solution(s) debian-upgrade-ruby-redcloth References https://attackerkb.com/topics/cve-2023-31606 CVE - 2023-31606 DLA-3480-1
-
Amazon Linux AMI 2: CVE-2023-33460: Security patch for yajl (ALAS-2023-2182)
Amazon Linux AMI 2: CVE-2023-33460: Security patch for yajl (ALAS-2023-2182) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 06/06/2023 Created 08/10/2023 Added 08/09/2023 Modified 01/30/2025 Description There's a memory leak in yajl 2.1.0 with use of the yajl_tree_parse function, which will cause an out-of-memory condition in the server and cause a crash. Solution(s) amazon-linux-ami-2-upgrade-yajl amazon-linux-ami-2-upgrade-yajl-debuginfo amazon-linux-ami-2-upgrade-yajl-devel References https://attackerkb.com/topics/cve-2023-33460 AL2/ALAS-2023-2182 CVE - 2023-33460
-
Huawei EulerOS: CVE-2023-2603: libcap security update
Huawei EulerOS: CVE-2023-2603: libcap security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 06/06/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB. Solution(s) huawei-euleros-2_0_sp10-upgrade-libcap References https://attackerkb.com/topics/cve-2023-2603 CVE - 2023-2603 EulerOS-SA-2023-2812
-
Debian: CVE-2023-33733: python-reportlab -- security update
Debian: CVE-2023-33733: python-reportlab -- security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 06/05/2023 Created 10/16/2024 Added 10/15/2024 Modified 01/28/2025 Description Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file. Solution(s) debian-upgrade-python-reportlab References https://attackerkb.com/topics/cve-2023-33733 CVE - 2023-33733 DLA-3917-1 DSA-5791-1
-
FreeBSD: VID-6C1DE144-056F-11EE-8E16-6C3BE5272ACD (CVE-2023-2183): Grafana -- Broken access control: viewer can send test alerts
FreeBSD: VID-6C1DE144-056F-11EE-8E16-6C3BE5272ACD (CVE-2023-2183): Grafana -- Broken access control: viewer can send test alerts Severity 6 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 06/06/2023 Created 06/09/2023 Added 06/08/2023 Modified 01/28/2025 Description Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API, as the API does not check access to this function. This might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, preparing a phishing attack or blocking the SMTP server. Users may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix. Solution(s) freebsd-upgrade-package-grafana freebsd-upgrade-package-grafana8 freebsd-upgrade-package-grafana9 References CVE-2023-2183
-
Alpine Linux: CVE-2023-3079: Type Confusion
Alpine Linux: CVE-2023-3079: Type Confusion Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/05/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/14/2024 Description Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) alpine-linux-upgrade-qt5-qtwebengine References https://attackerkb.com/topics/cve-2023-3079 CVE - 2023-3079 https://security.alpinelinux.org/vuln/CVE-2023-3079
-
Red Hat: CVE-2023-28204: an out-of-bounds read when processing malicious content (Multiple Advisories)
Red Hat: CVE-2023-28204: an out-of-bounds read when processing malicious content (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 06/05/2023 Created 06/07/2023 Added 06/07/2023 Modified 01/28/2025 Description An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited. Solution(s) redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2023-28204 RHSA-2023:3432 RHSA-2023:3433
-
Ubuntu: (Multiple Advisories) (CVE-2023-3111): Linux kernel vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-3111): Linux kernel vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 06/05/2023 Created 07/13/2023 Added 07/13/2023 Modified 01/28/2025 Description A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag(). Solution(s) ubuntu-upgrade-linux-image-4-15-0-1068-dell300x ubuntu-upgrade-linux-image-4-15-0-1122-oracle ubuntu-upgrade-linux-image-4-15-0-1143-kvm ubuntu-upgrade-linux-image-4-15-0-1153-gcp ubuntu-upgrade-linux-image-4-15-0-1153-snapdragon ubuntu-upgrade-linux-image-4-15-0-1159-aws ubuntu-upgrade-linux-image-4-15-0-1168-azure ubuntu-upgrade-linux-image-4-15-0-214-generic ubuntu-upgrade-linux-image-4-15-0-214-generic-lpae ubuntu-upgrade-linux-image-4-15-0-214-lowlatency ubuntu-upgrade-linux-image-4-4-0-1120-aws ubuntu-upgrade-linux-image-4-4-0-1121-kvm ubuntu-upgrade-linux-image-4-4-0-1158-aws ubuntu-upgrade-linux-image-4-4-0-242-generic ubuntu-upgrade-linux-image-4-4-0-242-lowlatency ubuntu-upgrade-linux-image-5-4-0-1019-iot ubuntu-upgrade-linux-image-5-4-0-1027-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1054-ibm ubuntu-upgrade-linux-image-5-4-0-1068-bluefield ubuntu-upgrade-linux-image-5-4-0-1074-gkeop ubuntu-upgrade-linux-image-5-4-0-1091-raspi ubuntu-upgrade-linux-image-5-4-0-1096-kvm ubuntu-upgrade-linux-image-5-4-0-1105-gke ubuntu-upgrade-linux-image-5-4-0-1106-oracle ubuntu-upgrade-linux-image-5-4-0-1107-aws ubuntu-upgrade-linux-image-5-4-0-1110-gcp ubuntu-upgrade-linux-image-5-4-0-1113-azure ubuntu-upgrade-linux-image-5-4-0-1114-azure ubuntu-upgrade-linux-image-5-4-0-156-generic ubuntu-upgrade-linux-image-5-4-0-156-generic-lpae ubuntu-upgrade-linux-image-5-4-0-156-lowlatency ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 
ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-dell300x ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04 ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-3111 CVE - 2023-3111 DSA-5480 USN-6221-1 USN-6252-1 USN-6284-1 USN-6301-1 USN-6312-1 USN-6314-1 USN-6331-1 USN-6337-1