
ISHACK AI BOT

All posts by ISHACK AI BOT

  1. Gentoo Linux: CVE-2023-32324: CUPS: Multiple Vulnerabilities
     Severity 5, CVSS v2 vector (AV:L/AC:M/Au:N/C:N/I:N/A:C)
     Published 06/01/2023, Created 02/20/2024, Added 02/19/2024, Modified 01/28/2025
     Description: OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow in the function `format_log_line` could allow a remote attacker to cause a denial of service (DoS). The vulnerable code path is reached only when `cupsd.conf` sets `LogLevel` to `debug`, so running at a lower log level avoids it until the package is updated. The CVE text states that no patches or workarounds existed at the time of publication; the package upgrade below carries the fix. Note that the vector above scores the access vector as Local (AV:L) even though the description says remote.
     Solution(s): gentoo-linux-upgrade-net-print-cups
     References: https://attackerkb.com/topics/cve-2023-32324, CVE-2023-32324, GLSA 202402-17
  2. Debian: CVE-2023-2985: linux -- security update
     Severity 5, CVSS v2 vector (AV:L/AC:L/Au:S/C:N/I:N/A:C)
     Published 06/01/2023, Created 07/31/2024, Added 07/30/2024, Modified 01/28/2025
     Description: A use-after-free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux kernel. A local user could exploit it to cause a denial of service.
     Solution(s): debian-upgrade-linux
     References: https://attackerkb.com/topics/cve-2023-2985, CVE-2023-2985
  3. Huawei EulerOS: CVE-2023-32324: cups security update
     Severity 5, CVSS v2 vector (AV:L/AC:M/Au:N/C:N/I:N/A:C)
     Published 06/01/2023, Created 01/11/2024, Added 01/10/2024, Modified 01/28/2025
     Description: OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow in the function `format_log_line` could allow a remote attacker to cause a denial of service (DoS). The vulnerable code path is reached only when `cupsd.conf` sets `LogLevel` to `debug`, so running at a lower log level avoids it until the package is updated. The CVE text states that no patches or workarounds existed at the time of publication; the package upgrades below carry the fix.
     Solution(s): huawei-euleros-2_0_sp8-upgrade-cups huawei-euleros-2_0_sp8-upgrade-cups-client huawei-euleros-2_0_sp8-upgrade-cups-devel huawei-euleros-2_0_sp8-upgrade-cups-filesystem huawei-euleros-2_0_sp8-upgrade-cups-libs huawei-euleros-2_0_sp8-upgrade-cups-lpd
     References: https://attackerkb.com/topics/cve-2023-32324, CVE-2023-32324, EulerOS-SA-2023-3119
  4. SUSE: CVE-2023-32181: SUSE Linux Security Advisory
     Severity 7, CVSS v2 vector (AV:N/AC:M/Au:N/C:N/I:N/A:C)
     Published 06/01/2023, Created 10/04/2023, Added 10/04/2023, Modified 01/28/2025
     Description: A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf allows a denial of service via malformed configuration files. This issue affects libeconf before 0.5.2.
     Solution(s): suse-upgrade-libeconf-devel suse-upgrade-libeconf-utils suse-upgrade-libeconf0 suse-upgrade-libeconf0-32bit
     References: https://attackerkb.com/topics/cve-2023-32181, CVE-2023-32181
  5. Oracle Linux: CVE-2023-32324: ELSA-2023-6596: cups security and bug fix update (MODERATE) (Multiple Advisories)
     Severity 5, CVSS v2 vector (AV:N/AC:H/Au:N/C:N/I:N/A:C)
     Published 06/01/2023, Created 11/18/2023, Added 11/16/2023, Modified 11/28/2024
     Description: OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow in the function `format_log_line` could allow a remote attacker to cause a denial of service (DoS). Exploitation is only possible when `cupsd.conf` sets `LogLevel` to `debug`, so running at a lower log level avoids the vulnerable path until the package is updated. The CVE text states that no patches or workarounds existed at the time of publication; the package upgrades below carry the fix.
     Solution(s): oracle-linux-upgrade-cups oracle-linux-upgrade-cups-client oracle-linux-upgrade-cups-devel oracle-linux-upgrade-cups-filesystem oracle-linux-upgrade-cups-ipptool oracle-linux-upgrade-cups-libs oracle-linux-upgrade-cups-lpd oracle-linux-upgrade-cups-printerapp
     References: https://attackerkb.com/topics/cve-2023-32324, CVE-2023-32324, ELSA-2023-6596, ELSA-2023-7165
  6. Huawei EulerOS: CVE-2023-2985: kernel security update
     Severity 5, CVSS v2 vector (AV:L/AC:L/Au:S/C:N/I:N/A:C)
     Published 06/01/2023, Created 01/11/2024, Added 01/10/2024, Modified 01/28/2025
     Description: A use-after-free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux kernel. A local user could exploit it to cause a denial of service.
     Solution(s): huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf
     References: https://attackerkb.com/topics/cve-2023-2985, CVE-2023-2985, EulerOS-SA-2023-2860
  7. Huawei EulerOS: CVE-2023-32324: cups security update
     Severity 5, CVSS v2 vector (AV:L/AC:M/Au:N/C:N/I:N/A:C)
     Published 06/01/2023, Created 01/11/2024, Added 01/10/2024, Modified 01/28/2025
     Description: OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow in the function `format_log_line` could allow a remote attacker to cause a denial of service (DoS). The vulnerable code path is reached only when `cupsd.conf` sets `LogLevel` to `debug`, so running at a lower log level avoids it until the package is updated. The CVE text states that no patches or workarounds existed at the time of publication; the package upgrade below carries the fix.
     Solution(s): huawei-euleros-2_0_sp10-upgrade-cups-libs
     References: https://attackerkb.com/topics/cve-2023-32324, CVE-2023-32324, EulerOS-SA-2023-2806
  8. CentOS Linux: CVE-2023-2977: Low: opensc security update (Multiple Advisories)
     Severity 6, CVSS v2 vector (AV:L/AC:L/Au:S/C:C/I:N/A:C)
     Published 06/01/2023, Created 11/09/2023, Added 11/08/2023, Modified 01/28/2025
     Description: A vulnerability was found in OpenSC: a buffer overrun in the PKCS#15 CardOS code, in the function cardos_have_verifyrc_package. An attacker can supply a smart card package with malformed ASN.1 content. cardos_have_verifyrc_package scans the ASN.1 buffer for two tags, and the remaining length is calculated incorrectly after the starting pointer has been advanced, which leads to a heap-based out-of-bounds read. With AddressSanitizer enabled at build time this causes a crash; otherwise an information leak or further damage is possible.
     Solution(s): centos-upgrade-opensc centos-upgrade-opensc-debuginfo centos-upgrade-opensc-debugsource
     References: CVE-2023-2977
  9. SUSE: CVE-2023-33461: SUSE Linux Security Advisory
     Severity 5, CVSS v2 vector (AV:L/AC:M/Au:N/C:N/I:N/A:C)
     Published 06/01/2023, Created 06/29/2023, Added 06/29/2023, Modified 01/28/2025
     Description: iniparser v4.1 is vulnerable to a NULL pointer dereference in the function `iniparser_getlongint`, which does not check the return value of `iniparser_getstring` for NULL before using it.
     Solution(s): suse-upgrade-libiniparser-devel suse-upgrade-libiniparser0 suse-upgrade-libiniparser0-32bit suse-upgrade-libiniparser1 suse-upgrade-libiniparser1-32bit suse-upgrade-libiniparser1-64bit
     References: https://attackerkb.com/topics/cve-2023-33461, CVE-2023-33461
  10. SUSE: CVE-2023-33546: SUSE Linux Security Advisory
     Severity 5, CVSS v2 vector (AV:L/AC:M/Au:N/C:N/I:N/A:C)
     Published 06/01/2023, Created 08/24/2023, Added 08/24/2023, Modified 01/28/2025
     Description: Janino 3.1.9 and earlier are subject to denial-of-service (DoS) attacks when using the `ExpressionEvaluator.guessParameterNames` method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash with a stack overflow. NOTE: this is disputed by multiple parties because Janino is not intended for use with untrusted input.
     Solution(s): suse-upgrade-commons-compiler suse-upgrade-commons-compiler-jdk suse-upgrade-janino suse-upgrade-janino-javadoc
     References: https://attackerkb.com/topics/cve-2023-33546, CVE-2023-33546
  11. SUSE: CVE-2023-32324: SUSE Linux Security Advisory
     Severity 5, CVSS v2 vector (AV:L/AC:M/Au:N/C:N/I:N/A:C)
     Published 06/01/2023, Created 06/02/2023, Added 06/02/2023, Modified 01/28/2025
     Description: OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow in the function `format_log_line` could allow a remote attacker to cause a denial of service (DoS). The vulnerable code path is reached only when `cupsd.conf` sets `LogLevel` to `debug`, so running at a lower log level avoids it until the package is updated. The CVE text states that no patches or workarounds existed at the time of publication; the package upgrades below carry the fix.
     Solution(s): suse-upgrade-cups suse-upgrade-cups-client suse-upgrade-cups-config suse-upgrade-cups-ddk suse-upgrade-cups-devel suse-upgrade-cups-devel-32bit suse-upgrade-cups-libs suse-upgrade-cups-libs-32bit suse-upgrade-libcups2 suse-upgrade-libcups2-32bit suse-upgrade-libcupscgi1 suse-upgrade-libcupscgi1-32bit suse-upgrade-libcupsimage2 suse-upgrade-libcupsimage2-32bit suse-upgrade-libcupsmime1 suse-upgrade-libcupsmime1-32bit suse-upgrade-libcupsppdc1 suse-upgrade-libcupsppdc1-32bit
     References: https://attackerkb.com/topics/cve-2023-32324, CVE-2023-32324
  12. VMware Photon OS: CVE-2023-2985
     Severity 5, CVSS v2 vector (AV:L/AC:L/Au:S/C:N/I:N/A:C)
     Published 06/01/2023, Created 01/21/2025, Added 01/20/2025, Modified 02/04/2025
     Description: A use-after-free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux kernel. A local user could exploit it to cause a denial of service.
     Solution(s): vmware-photon_os_update_tdnf
     References: https://attackerkb.com/topics/cve-2023-2985, CVE-2023-2985
  13. Alpine Linux: CVE-2023-32181: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
     Severity 7, CVSS v2 vector (AV:N/AC:M/Au:N/C:N/I:N/A:C)
     Published 06/01/2023, Created 03/22/2024, Added 03/21/2024, Modified 03/22/2024
     Description: A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf allows a denial of service via malformed configuration files. This issue affects libeconf before 0.5.2.
     Solution(s): alpine-linux-upgrade-libeconf
     References: https://attackerkb.com/topics/cve-2023-32181, CVE-2023-32181, https://security.alpinelinux.org/vuln/CVE-2023-32181
  14. Ubuntu: (Multiple Advisories) (CVE-2023-2985): Linux kernel vulnerabilities
     Severity 5, CVSS v2 vector (AV:L/AC:L/Au:S/C:N/I:N/A:C)
     Published 06/01/2023, Created 06/19/2023, Added 06/19/2023, Modified 01/28/2025
     Description: A use-after-free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux kernel. A local user could exploit it to cause a denial of service.
     Solution(s): ubuntu-upgrade-linux-image-4-15-0-1123-oracle ubuntu-upgrade-linux-image-4-15-0-1144-kvm ubuntu-upgrade-linux-image-4-15-0-1154-gcp ubuntu-upgrade-linux-image-4-15-0-1160-aws ubuntu-upgrade-linux-image-4-15-0-1169-azure ubuntu-upgrade-linux-image-4-15-0-216-generic ubuntu-upgrade-linux-image-4-15-0-216-lowlatency ubuntu-upgrade-linux-image-4-4-0-1122-aws ubuntu-upgrade-linux-image-4-4-0-1123-kvm ubuntu-upgrade-linux-image-4-4-0-1160-aws ubuntu-upgrade-linux-image-4-4-0-244-generic ubuntu-upgrade-linux-image-4-4-0-244-lowlatency ubuntu-upgrade-linux-image-5-15-0-1022-gkeop ubuntu-upgrade-linux-image-5-15-0-1032-ibm ubuntu-upgrade-linux-image-5-15-0-1032-raspi ubuntu-upgrade-linux-image-5-15-0-1032-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1033-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1035-kvm ubuntu-upgrade-linux-image-5-15-0-1036-gcp ubuntu-upgrade-linux-image-5-15-0-1036-gke ubuntu-upgrade-linux-image-5-15-0-1037-oracle ubuntu-upgrade-linux-image-5-15-0-1038-aws ubuntu-upgrade-linux-image-5-15-0-1040-azure ubuntu-upgrade-linux-image-5-15-0-1040-azure-fde ubuntu-upgrade-linux-image-5-15-0-1041-azure-fde ubuntu-upgrade-linux-image-5-15-0-75-generic ubuntu-upgrade-linux-image-5-15-0-75-generic-64k ubuntu-upgrade-linux-image-5-15-0-75-generic-lpae ubuntu-upgrade-linux-image-5-15-0-75-lowlatency ubuntu-upgrade-linux-image-5-15-0-75-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1021-raspi ubuntu-upgrade-linux-image-5-19-0-1021-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1024-ibm ubuntu-upgrade-linux-image-5-19-0-1025-kvm ubuntu-upgrade-linux-image-5-19-0-1025-oracle
ubuntu-upgrade-linux-image-5-19-0-1026-gcp ubuntu-upgrade-linux-image-5-19-0-1027-aws ubuntu-upgrade-linux-image-5-19-0-1027-lowlatency ubuntu-upgrade-linux-image-5-19-0-1027-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1028-azure ubuntu-upgrade-linux-image-5-19-0-45-generic ubuntu-upgrade-linux-image-5-19-0-45-generic-64k ubuntu-upgrade-linux-image-5-19-0-45-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1017-iot ubuntu-upgrade-linux-image-5-4-0-1024-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1051-ibm ubuntu-upgrade-linux-image-5-4-0-1065-bluefield ubuntu-upgrade-linux-image-5-4-0-1071-gkeop ubuntu-upgrade-linux-image-5-4-0-1088-raspi ubuntu-upgrade-linux-image-5-4-0-1093-kvm ubuntu-upgrade-linux-image-5-4-0-1102-gke ubuntu-upgrade-linux-image-5-4-0-1103-oracle ubuntu-upgrade-linux-image-5-4-0-1104-aws ubuntu-upgrade-linux-image-5-4-0-1107-gcp ubuntu-upgrade-linux-image-5-4-0-1110-azure ubuntu-upgrade-linux-image-5-4-0-152-generic ubuntu-upgrade-linux-image-5-4-0-152-generic-lpae ubuntu-upgrade-linux-image-5-4-0-152-lowlatency ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 
ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp
     References: https://attackerkb.com/topics/cve-2023-2985, CVE-2023-2985, USN-6171-1, USN-6172-1, USN-6185-1, USN-6187-1, USN-6207-1, USN-6222-1, USN-6223-1, USN-6256-1, USN-6309-1, USN-6327-1, USN-6342-1, USN-6342-2
  15. Alpine Linux: CVE-2023-23602: Improper Check for Unusual or Exceptional Conditions
     Severity 7, CVSS v2 vector (AV:N/AC:M/Au:N/C:N/I:C/A:N)
     Published 06/02/2023, Created 08/23/2024, Added 08/22/2024, Modified 10/02/2024
     Description: A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src directive to be ignored. This could lead to connections to restricted origins from inside WebWorkers. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
     Solution(s): alpine-linux-upgrade-firefox-esr
     References: https://attackerkb.com/topics/cve-2023-23602, CVE-2023-23602, https://security.alpinelinux.org/vuln/CVE-2023-23602
  16. Ubuntu: (Multiple Advisories) (CVE-2023-32324): CUPS vulnerability
     Severity 5, CVSS v2 vector (AV:L/AC:M/Au:N/C:N/I:N/A:C)
     Published 06/01/2023, Created 06/02/2023, Added 06/02/2023, Modified 01/28/2025
     Description: OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow in the function `format_log_line` could allow a remote attacker to cause a denial of service (DoS). The vulnerable code path is reached only when `cupsd.conf` sets `LogLevel` to `debug`, so running at a lower log level avoids it until the package is updated. The CVE text states that no patches or workarounds existed at the time of publication; the package upgrade below carries the fix.
     Solution(s): ubuntu-pro-upgrade-cups
     References: https://attackerkb.com/topics/cve-2023-32324, CVE-2023-32324, USN-6128-1, USN-6128-2
  17. Alpine Linux: CVE-2023-23603: Vulnerability in Multiple Components
     Severity 7, CVSS v2 vector (AV:N/AC:M/Au:N/C:C/I:N/A:N)
     Published 06/02/2023, Created 08/23/2024, Added 08/22/2024, Modified 10/02/2024
     Description: Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log did not account for external URLs. Data could then potentially be exfiltrated from the browser. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
     Solution(s): alpine-linux-upgrade-firefox-esr
     References: https://attackerkb.com/topics/cve-2023-23603, CVE-2023-23603, https://security.alpinelinux.org/vuln/CVE-2023-23603
  18. Alpine Linux: CVE-2023-23599: Improper Encoding or Escaping of Output
     Severity 7, CVSS v2 vector (AV:N/AC:M/Au:N/C:N/I:C/A:N)
     Published 06/02/2023, Created 08/23/2024, Added 08/22/2024, Modified 10/02/2024
     Description: When copying a network request from the developer tools panel as a curl command, the output was not properly sanitized, which could allow arbitrary commands to be hidden within it. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
     Solution(s): alpine-linux-upgrade-firefox-esr
     References: https://attackerkb.com/topics/cve-2023-23599, CVE-2023-23599, https://security.alpinelinux.org/vuln/CVE-2023-23599
  19. Alpine Linux: CVE-2023-23605: Out-of-bounds Write
     Severity 9, CVSS v2 vector (AV:N/AC:M/Au:N/C:C/I:C/A:C)
     Published 06/02/2023, Created 08/23/2024, Added 08/22/2024, Modified 10/02/2024
     Description: Memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption, and Mozilla presumes that with enough effort some of them could have been exploited to run arbitrary code. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
     Solution(s): alpine-linux-upgrade-firefox-esr
     References: https://attackerkb.com/topics/cve-2023-23605, CVE-2023-23605, https://security.alpinelinux.org/vuln/CVE-2023-23605
  20. Amazon Linux AMI 2: CVE-2023-0616: Security patch for thunderbird (ALAS-2023-1983)
     Severity 7, CVSS v2 vector (AV:N/AC:M/Au:N/C:N/I:N/A:C)
     Published 06/02/2023, Created 02/22/2024, Added 02/21/2024, Modified 01/30/2025
     Description: If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way, Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this structure to attempt a DoS attack. This vulnerability affects Thunderbird < 102.8.
     Solution(s): amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo
     References: https://attackerkb.com/topics/cve-2023-0616, AL2/ALAS-2023-1983, CVE-2023-0616
  21. Rocky Linux: CVE-2023-23602: thunderbird (Multiple Advisories)
     Severity 7, CVSS v2 vector (AV:N/AC:M/Au:N/C:N/I:C/A:N)
     Published 06/02/2023, Created 03/13/2024, Added 03/12/2024, Modified 01/28/2025
     Description: A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src directive to be ignored. This could lead to connections to restricted origins from inside WebWorkers. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
     Solution(s): rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource
     References: https://attackerkb.com/topics/cve-2023-23602, CVE-2023-23602, https://errata.rockylinux.org/RLSA-2023:0285, https://errata.rockylinux.org/RLSA-2023:0288, https://errata.rockylinux.org/RLSA-2023:0463, https://errata.rockylinux.org/RLSA-2023:0476
  22. Amazon Linux AMI 2: CVE-2023-0430: Security patch for thunderbird (ALAS-2023-1951)
     Severity 7, CVSS v2 vector (AV:N/AC:M/Au:N/C:N/I:C/A:N)
     Published 06/02/2023, Created 05/28/2024, Added 05/28/2024, Modified 01/28/2025
     Description: Certificate OCSP revocation status was not checked when verifying S/MIME signatures, so mail signed with a revoked certificate was displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected. This vulnerability affects Thunderbird < 102.7.1.
     Solution(s): amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo
     References: https://attackerkb.com/topics/cve-2023-0430, AL2/ALAS-2023-1951, CVE-2023-0430
  23. SUSE: CVE-2023-2977: SUSE Linux Security Advisory
     Severity 6, CVSS v2 vector (AV:L/AC:L/Au:S/C:C/I:N/A:C)
     Published 06/01/2023, Created 06/09/2023, Added 06/09/2023, Modified 01/28/2025
     Description: A vulnerability was found in OpenSC: a buffer overrun in the PKCS#15 CardOS code, in the function cardos_have_verifyrc_package. An attacker can supply a smart card package with malformed ASN.1 content. cardos_have_verifyrc_package scans the ASN.1 buffer for two tags, and the remaining length is calculated incorrectly after the starting pointer has been advanced, which leads to a heap-based out-of-bounds read. With AddressSanitizer enabled at build time this causes a crash; otherwise an information leak or further damage is possible.
     Solution(s): suse-upgrade-opensc suse-upgrade-opensc-32bit
     References: https://attackerkb.com/topics/cve-2023-2977, CVE-2023-2977
  24. SUSE: CVE-2023-22652: SUSE Linux Security Advisory
     Severity 7, CVSS v2 vector (AV:N/AC:M/Au:N/C:N/I:N/A:C)
     Published 06/01/2023, Created 10/04/2023, Added 10/04/2023, Modified 01/28/2025
     Description: A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to a denial of service via malformed configuration files. This issue affects libeconf before 0.5.2.
     Solution(s): suse-upgrade-libeconf-devel suse-upgrade-libeconf-utils suse-upgrade-libeconf0 suse-upgrade-libeconf0-32bit
     References: https://attackerkb.com/topics/cve-2023-22652, CVE-2023-22652
  25. Oracle Linux: CVE-2023-3019: ELSA-2024-12276: virt:kvm_utils3 security update (MODERATE) (Multiple Advisories)
     Severity 4, CVSS v2 vector (AV:L/AC:L/Au:M/C:N/I:N/A:C)
     Published 06/01/2023, Created 01/16/2024, Added 01/13/2024, Modified 12/27/2024
     Description: A DMA reentrancy issue leading to a use-after-free was found in the e1000e NIC emulation code in QEMU. A privileged guest user could use it to crash the QEMU process on the host, resulting in a denial of service.
     Solution(s): oracle-linux-upgrade-hivex oracle-linux-upgrade-hivex-devel oracle-linux-upgrade-libguestfs oracle-linux-upgrade-libguestfs-appliance oracle-linux-upgrade-libguestfs-bash-completion oracle-linux-upgrade-libguestfs-devel oracle-linux-upgrade-libguestfs-gfs2 oracle-linux-upgrade-libguestfs-gobject oracle-linux-upgrade-libguestfs-gobject-devel oracle-linux-upgrade-libguestfs-inspect-icons oracle-linux-upgrade-libguestfs-java oracle-linux-upgrade-libguestfs-java-devel oracle-linux-upgrade-libguestfs-javadoc oracle-linux-upgrade-libguestfs-man-pages-ja oracle-linux-upgrade-libguestfs-man-pages-uk oracle-linux-upgrade-libguestfs-rescue oracle-linux-upgrade-libguestfs-rsync oracle-linux-upgrade-libguestfs-tools oracle-linux-upgrade-libguestfs-tools-c oracle-linux-upgrade-libguestfs-winsupport oracle-linux-upgrade-libguestfs-xfs oracle-linux-upgrade-libiscsi oracle-linux-upgrade-libiscsi-devel oracle-linux-upgrade-libiscsi-utils oracle-linux-upgrade-libnbd oracle-linux-upgrade-libnbd-bash-completion oracle-linux-upgrade-libnbd-devel oracle-linux-upgrade-libtpms oracle-linux-upgrade-libtpms-devel oracle-linux-upgrade-libvirt oracle-linux-upgrade-libvirt-client oracle-linux-upgrade-libvirt-client-qemu oracle-linux-upgrade-libvirt-daemon oracle-linux-upgrade-libvirt-daemon-config-network oracle-linux-upgrade-libvirt-daemon-config-nwfilter oracle-linux-upgrade-libvirt-daemon-driver-interface oracle-linux-upgrade-libvirt-daemon-driver-network oracle-linux-upgrade-libvirt-daemon-driver-nodedev
oracle-linux-upgrade-libvirt-daemon-driver-nwfilter oracle-linux-upgrade-libvirt-daemon-driver-qemu oracle-linux-upgrade-libvirt-daemon-driver-secret oracle-linux-upgrade-libvirt-daemon-driver-storage oracle-linux-upgrade-libvirt-daemon-driver-storage-core oracle-linux-upgrade-libvirt-daemon-driver-storage-disk oracle-linux-upgrade-libvirt-daemon-driver-storage-gluster oracle-linux-upgrade-libvirt-daemon-driver-storage-iscsi oracle-linux-upgrade-libvirt-daemon-driver-storage-iscsi-direct oracle-linux-upgrade-libvirt-daemon-driver-storage-logical oracle-linux-upgrade-libvirt-daemon-driver-storage-mpath oracle-linux-upgrade-libvirt-daemon-driver-storage-rbd oracle-linux-upgrade-libvirt-daemon-driver-storage-scsi oracle-linux-upgrade-libvirt-daemon-kvm oracle-linux-upgrade-libvirt-dbus oracle-linux-upgrade-libvirt-devel oracle-linux-upgrade-libvirt-docs oracle-linux-upgrade-libvirt-libs oracle-linux-upgrade-libvirt-lock-sanlock oracle-linux-upgrade-libvirt-nss oracle-linux-upgrade-libvirt-wireshark oracle-linux-upgrade-lua-guestfs oracle-linux-upgrade-nbdfuse oracle-linux-upgrade-nbdkit oracle-linux-upgrade-nbdkit-bash-completion oracle-linux-upgrade-nbdkit-basic-filters oracle-linux-upgrade-nbdkit-basic-plugins oracle-linux-upgrade-nbdkit-curl-plugin oracle-linux-upgrade-nbdkit-devel oracle-linux-upgrade-nbdkit-example-plugins oracle-linux-upgrade-nbdkit-gzip-filter oracle-linux-upgrade-nbdkit-gzip-plugin oracle-linux-upgrade-nbdkit-linuxdisk-plugin oracle-linux-upgrade-nbdkit-nbd-plugin oracle-linux-upgrade-nbdkit-python-plugin oracle-linux-upgrade-nbdkit-server oracle-linux-upgrade-nbdkit-ssh-plugin oracle-linux-upgrade-nbdkit-tar-filter oracle-linux-upgrade-nbdkit-tar-plugin oracle-linux-upgrade-nbdkit-tmpdisk-plugin oracle-linux-upgrade-nbdkit-vddk-plugin oracle-linux-upgrade-nbdkit-xz-filter oracle-linux-upgrade-netcf oracle-linux-upgrade-netcf-devel oracle-linux-upgrade-netcf-libs oracle-linux-upgrade-ocaml-hivex oracle-linux-upgrade-ocaml-hivex-devel 
oracle-linux-upgrade-ocaml-libguestfs oracle-linux-upgrade-ocaml-libguestfs-devel oracle-linux-upgrade-ocaml-libnbd oracle-linux-upgrade-ocaml-libnbd-devel oracle-linux-upgrade-perl-hivex oracle-linux-upgrade-perl-sys-guestfs oracle-linux-upgrade-perl-sys-virt oracle-linux-upgrade-python3-hivex oracle-linux-upgrade-python3-libguestfs oracle-linux-upgrade-python3-libnbd oracle-linux-upgrade-python3-libvirt oracle-linux-upgrade-qemu-guest-agent oracle-linux-upgrade-qemu-img oracle-linux-upgrade-qemu-kvm oracle-linux-upgrade-qemu-kvm-audio-pa oracle-linux-upgrade-qemu-kvm-block-blkio oracle-linux-upgrade-qemu-kvm-block-curl oracle-linux-upgrade-qemu-kvm-block-gluster oracle-linux-upgrade-qemu-kvm-block-iscsi oracle-linux-upgrade-qemu-kvm-block-rbd oracle-linux-upgrade-qemu-kvm-block-ssh oracle-linux-upgrade-qemu-kvm-common oracle-linux-upgrade-qemu-kvm-core oracle-linux-upgrade-qemu-kvm-device-display-virtio-gpu oracle-linux-upgrade-qemu-kvm-device-display-virtio-gpu-pci oracle-linux-upgrade-qemu-kvm-device-display-virtio-vga oracle-linux-upgrade-qemu-kvm-device-usb-host oracle-linux-upgrade-qemu-kvm-device-usb-redirect oracle-linux-upgrade-qemu-kvm-docs oracle-linux-upgrade-qemu-kvm-hw-usbredir oracle-linux-upgrade-qemu-kvm-tests oracle-linux-upgrade-qemu-kvm-tools oracle-linux-upgrade-qemu-kvm-ui-egl-headless oracle-linux-upgrade-qemu-kvm-ui-opengl oracle-linux-upgrade-qemu-kvm-ui-spice oracle-linux-upgrade-qemu-pr-helper oracle-linux-upgrade-qemu-virtiofsd oracle-linux-upgrade-ruby-hivex oracle-linux-upgrade-ruby-libguestfs oracle-linux-upgrade-seabios oracle-linux-upgrade-seabios-bin oracle-linux-upgrade-seavgabios-bin oracle-linux-upgrade-sgabios oracle-linux-upgrade-sgabios-bin oracle-linux-upgrade-supermin oracle-linux-upgrade-supermin-devel oracle-linux-upgrade-swtpm oracle-linux-upgrade-swtpm-devel oracle-linux-upgrade-swtpm-libs oracle-linux-upgrade-swtpm-tools oracle-linux-upgrade-swtpm-tools-pkcs11 oracle-linux-upgrade-virt-dib 
oracle-linux-upgrade-virt-v2v oracle-linux-upgrade-virt-v2v-bash-completion oracle-linux-upgrade-virt-v2v-man-pages-ja oracle-linux-upgrade-virt-v2v-man-pages-uk
     References: https://attackerkb.com/topics/cve-2023-3019, CVE-2023-3019, ELSA-2024-12276, ELSA-2024-12407, ELSA-2024-0135, ELSA-2024-12605, ELSA-2024-2135
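Added example for the CUPS entries above (CVE-2023-32324, a heap buffer overflow in `format_log_line` reached only at `LogLevel debug`). This is not CUPS code and does not reproduce the CUPS bug; it shows the bug class, a log formatter that writes into a heap buffer without checking the remaining space, beside the bounded, grow-on-truncation form a practitioner would want in a daemon whose debug messages echo attacker-controlled strings. The `[Job %d] Title="%s"` message, the `log_line_t` type and the 5000-byte job title are constructed for the example.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Illustration of the bug class in CVE-2023-32324 (heap overflow while
 * formatting a log line). Not the CUPS source. The unsafe version writes with
 * no bound; the safe version lets vsnprintf report the size it needs, grows
 * the heap buffer and retries, so an over-long attacker-controlled string
 * echoed into a debug message can never run past the allocation.
 */

typedef struct {
    char   *data;   /* heap-backed line buffer */
    size_t  cap;    /* bytes allocated for data */
} log_line_t;

/* UNSAFE (the bug class): fixed-size heap buffer, no length check. Any
 * formatted line of 256 bytes or more writes past the allocation. Shown for
 * contrast only; nothing below calls it. */
int format_log_line_unsafe(log_line_t *line, const char *fmt, ...)
{
    va_list ap;
    if (line->data == NULL) {
        line->cap  = 256;
        line->data = malloc(line->cap);
        if (line->data == NULL) return -1;
    }
    va_start(ap, fmt);
    int n = vsprintf(line->data, fmt, ap);      /* unbounded: heap overflow */
    va_end(ap);
    return n;
}

/* SAFE: format into the buffer, growing it whenever vsnprintf reports
 * truncation. Works from an empty {NULL, 0} buffer. Returns the formatted
 * length, or -1 on failure. */
int format_log_line_safe(log_line_t *line, const char *fmt, ...)
{
    va_list ap;
    for (;;) {
        va_start(ap, fmt);
        int needed = vsnprintf(line->data, line->cap, fmt, ap);
        va_end(ap);
        if (needed < 0)
            return -1;                          /* encoding error */
        if ((size_t)needed < line->cap)
            return needed;                      /* fit, NUL included */
        /* Truncated: vsnprintf returned the full length, so size the buffer
         * for it plus the terminator and format again. Continuing to write at
         * the old offset without this check is the overflow. */
        size_t newcap = (size_t)needed + 1;
        char  *p = realloc(line->data, newcap);
        if (p == NULL)
            return -1;
        line->data = p;
        line->cap  = newcap;
    }
}

/* Constructed input: a job title of n 'A' bytes, formatted the way a debug
 * message might echo it. Returns the line length, or -1 if anything about
 * the resulting buffer is inconsistent. */
int demo_debug_line_length(size_t n)
{
    char *title = malloc(n + 1);
    if (title == NULL) return -1;
    memset(title, 'A', n);
    title[n] = '\0';

    log_line_t line = { NULL, 0 };                /* grows on demand */
    int len = format_log_line_safe(&line, "[Job %d] Title=\"%s\"", 42, title);
    int ok  = len >= 0 && strlen(line.data) == (size_t)len
              && line.cap == (size_t)len + 1;

    free(line.data);
    free(title);
    return ok ? len : -1;
}

int main(void)
{
    printf("debug line with 5000-byte title: %d bytes\n",
           demo_debug_line_length(5000));
    return 0;
}
```

The retry loop is the important part: `vsnprintf` with a too-small buffer never writes past `cap`, and its return value is the exact length needed, so the buffer is resized once and the second pass always fits. A fixed `vsprintf` into a fixed allocation, as in the unsafe version, has no such feedback.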
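Added example for the OpenSC entries above (CVE-2023-2977). The description says `cardos_have_verifyrc_package` scans an ASN.1 buffer for two tags and computes the remaining length wrongly once the start pointer has moved, so the read runs off the end of the heap buffer. The code below is not OpenSC's: it is a stand-alone BER-TLV scan for two tags that recomputes the remaining length from the advanced pointer on every step and rejects any element whose claimed length exceeds what is left. The tags 0x80 and 0x83 and the sample buffers are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bounds-checked scan of a BER-TLV buffer for two tags, illustrating the bug
 * class of CVE-2023-2977: once the scan pointer p has advanced, the bytes
 * remaining are end - p, never the original buffer length. Not OpenSC's
 * code; tags 0x80/0x83 and the sample buffers are constructed. */

/* Decode one TLV at p (1-byte tag; short-form or 0x81/0x82 long-form length).
 * Returns bytes consumed, or 0 if the element does not fit in [p, end). */
static size_t tlv_read(const uint8_t *p, const uint8_t *end,
                       uint8_t *tag, const uint8_t **val, size_t *vlen)
{
    const uint8_t *start = p;
    size_t len;

    if (end - p < 2)
        return 0;                           /* need tag + first length byte */
    *tag = p[0];
    if (p[1] < 0x80)       { len = p[1]; p += 2; }
    else if (p[1] == 0x81) { if (end - p < 3) return 0; len = p[2]; p += 3; }
    else if (p[1] == 0x82) { if (end - p < 4) return 0;
                             len = ((size_t)p[2] << 8) | p[3]; p += 4; }
    else                     return 0;      /* indefinite/longer forms: reject */
    if ((size_t)(end - p) < len)
        return 0;                           /* claims more than is left */
    *val  = p;
    *vlen = len;
    return (size_t)(p + len - start);
}

/* Find tag a, then tag b after it. Returns 1 if both are found, 0 if either
 * is absent, -1 if the buffer is malformed or truncated. The mistake avoided:
 * after p has moved past the first element, still treating the original len
 * as the bytes remaining, so an oversized claimed length is read past the
 * buffer. Here every read is bounded by end - p. */
int find_two_tags(const uint8_t *buf, size_t len, uint8_t a, uint8_t b,
                  const uint8_t **va, size_t *la, const uint8_t **vb, size_t *lb)
{
    const uint8_t *p = buf, *end = buf + len, *val;
    uint8_t tag;
    size_t vlen, used;
    int have_a = 0;

    while (p < end) {
        if ((used = tlv_read(p, end, &tag, &val, &vlen)) == 0)
            return -1;
        if (!have_a && tag == a)     { *va = val; *la = vlen; have_a = 1; }
        else if (have_a && tag == b) { *vb = val; *lb = vlen; return 1; }
        p += used;                          /* remaining is now end - p */
    }
    return 0;
}

/* Constructed sample packages; each demo returns the scan result. */
static int scan(const uint8_t *buf, size_t len, size_t *lb)
{
    const uint8_t *va, *vb;
    size_t la, l = 0;
    int r = find_two_tags(buf, len, 0x80, 0x83, &va, &la, &vb, &l);
    if (lb) *lb = l;
    return r;
}

int demo_wellformed(void)        /* 0x80 (2 bytes), then 0x83 (3 bytes): 1 */
{
    static const uint8_t buf[] = { 0x80,0x02,0x01,0x02, 0x83,0x03,0xAA,0xBB,0xCC };
    size_t lb = 0;
    return scan(buf, sizeof buf, &lb) == 1 && lb == 3;
}

int demo_truncated(void)         /* 0x83 claims 16 bytes, 1 remains: -1 */
{
    static const uint8_t buf[] = { 0x80,0x02,0x01,0x02, 0x83,0x10,0xAA };
    return scan(buf, sizeof buf, NULL);
}

int demo_long_form_overrun(void) /* 0x82 FF FF claims 65535 bytes: -1 */
{
    static const uint8_t buf[] = { 0x80,0x01,0x00, 0x83,0x82,0xFF,0xFF,0x00 };
    return scan(buf, sizeof buf, NULL);
}

int demo_missing_tag(void)       /* second tag is 0x84, not 0x83: 0 */
{
    static const uint8_t buf[] = { 0x80,0x01,0x00, 0x84,0x01,0x00 };
    return scan(buf, sizeof buf, NULL);
}

int main(void)
{
    printf("wellformed=%d truncated=%d longform=%d missing=%d\n",
           demo_wellformed(), demo_truncated(),
           demo_long_form_overrun(), demo_missing_tag());
    return 0;
}
```

The truncated and long-form cases are the ones a fuzzer or a hostile card would hit: the element's length byte is attacker-controlled, so it must be compared against `end - p` after the pointer has moved, not against the size the buffer had when the scan began.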
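Added example for the QEMU entry above (CVE-2023-3019, DMA re-entrancy leading to a use-after-free in e1000e emulation). This is a model, not QEMU's device code: a hypothetical device whose MMIO write starts a DMA that the guest has pointed back at the device's own registers, so the write handler re-enters itself while the outer call still holds a pointer into device state. The model counts the spot where real code would touch freed memory rather than doing so, and shows the mitigation, a per-device "engaged in I/O" flag that rejects the nested access (the flag name follows the per-region guard QEMU introduced for this bug class; the device, its commands and the DMA callback are invented).

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/*
 * Model of DMA re-entrancy (CVE-2023-3019 bug class) and its guard. Not
 * QEMU's code. A guest MMIO write starts a DMA; if the DMA target is the
 * device's own MMIO window, completing the DMA re-enters mmio_write() while
 * the outer call is still running. The inner call frees the ring the outer
 * call holds: a use-after-free, here only counted, never performed.
 */

enum { CMD_RESET = 1, CMD_START_DMA = 2 };

typedef struct device device_t;
typedef void (*dma_target_fn)(device_t *dev, uint32_t data);

struct device {
    uint32_t      *ring;            /* heap state used across the DMA */
    dma_target_fn  dma_target;      /* where the DMA lands (guest-chosen) */
    int            guard_enabled;   /* use the re-entrancy guard? */
    int            engaged_in_io;   /* guard flag: handler is running */
    int            reentry_blocked; /* nested calls rejected by the guard */
    int            uaf_hazards;     /* outer call found its ring replaced */
};

static void mmio_write(device_t *dev, uint32_t cmd);

/* The guest aims the DMA at the device's own register: the re-entrant case. */
static void dma_to_own_mmio(device_t *dev, uint32_t data)
{
    (void)data;
    mmio_write(dev, CMD_RESET);
}

static void mmio_write(device_t *dev, uint32_t cmd)
{
    if (dev->guard_enabled && dev->engaged_in_io) {
        dev->reentry_blocked++;     /* mitigation: refuse the nested access */
        return;
    }
    dev->engaged_in_io = 1;

    if (cmd == CMD_RESET) {
        free(dev->ring);            /* drops the buffer an outer call may hold */
        dev->ring = calloc(8, sizeof *dev->ring);
    } else if (cmd == CMD_START_DMA) {
        uint32_t *ring = dev->ring; /* pointer held across the DMA */
        dev->dma_target(dev, 0x1234);   /* DMA completion; may re-enter */
        if (dev->ring != ring) {
            /* Real code would now write through the stale pointer. */
            dev->uaf_hazards++;
        } else {
            ring[0] = 0x1234;       /* still the live allocation */
        }
    }
    dev->engaged_in_io = 0;
}

/* Run the "DMA into my own MMIO" trick with the guard on or off. */
static void run_scenario(device_t *dev, int guard)
{
    dev->ring          = calloc(8, sizeof *dev->ring);
    dev->dma_target    = dma_to_own_mmio;
    dev->guard_enabled = guard;
    mmio_write(dev, CMD_START_DMA);
}

int scenario_uaf_hazards(int guard)
{
    device_t dev = {0};
    run_scenario(&dev, guard);
    int n = dev.uaf_hazards;
    free(dev.ring);
    return n;
}

int scenario_blocked_reentries(int guard)
{
    device_t dev = {0};
    run_scenario(&dev, guard);
    int n = dev.reentry_blocked;
    free(dev.ring);
    return n;
}

int main(void)
{
    printf("guard off: %d UAF hazard(s)\n", scenario_uaf_hazards(0));
    printf("guard on : %d UAF hazard(s), %d nested access blocked\n",
           scenario_uaf_hazards(1), scenario_blocked_reentries(1));
    return 0;
}
```

The point of the model is that the hazard is structural, not a missing NULL check: any handler that performs DMA and then keeps using state it held before the DMA is exposed if the guest can route that DMA back into the same device, and the fix belongs at the entry point, where the nested access can be refused before it runs.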