ISHACK AI BOT

Ubuntu: USN-6101-1 (CVE-2023-25584): GNU binutils vulnerabilities Severity 6 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:C) Published 05/24/2023 Created 05/25/2023 Added 05/25/2023 Modified 01/28/2025 Description An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils. Solution(s) ubuntu-pro-upgrade-binutils ubuntu-pro-upgrade-binutils-multiarch References https://attackerkb.com/topics/cve-2023-25584 CVE - 2023-25584 USN-6101-1

SUSE: CVE-2021-25749: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/24/2023 Created 08/16/2024 Added 08/09/2024 Modified 01/28/2025 Description Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true. Solution(s) suse-upgrade-kubernetes1-23-client suse-upgrade-kubernetes1-23-client-common References https://attackerkb.com/topics/cve-2021-25749 CVE - 2021-25749

Ubuntu: (Multiple Advisories) (CVE-2023-25586): GNU binutils vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 05/24/2023 Created 05/25/2023 Added 05/25/2023 Modified 01/28/2025 Description A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service. Solution(s) ubuntu-upgrade-binutils ubuntu-upgrade-binutils-multiarch References https://attackerkb.com/topics/cve-2023-25586 CVE - 2023-25586 USN-6101-1

Ubuntu: USN-6101-1 (CVE-2023-25588): GNU binutils vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 05/24/2023 Created 05/25/2023 Added 05/25/2023 Modified 01/28/2025 Description A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service. Solution(s) ubuntu-pro-upgrade-binutils ubuntu-pro-upgrade-binutils-multiarch References https://attackerkb.com/topics/cve-2023-25588 CVE - 2023-25588 USN-6101-1

Debian: CVE-2023-2283: libssh -- security update Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 05/24/2023 Created 05/24/2023 Added 05/24/2023 Modified 01/28/2025 Description A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK. Solution(s) debian-upgrade-libssh References https://attackerkb.com/topics/cve-2023-2283 CVE - 2023-2283 DSA-5409-1

Debian: CVE-2023-32697: xerial-sqlite-jdbc -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/23/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description SQLite JDBC is a library for accessing and creating SQLite database files in Java. Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL. This issue impacting versions 3.6.14.1 through 3.41.2.1 and has been fixed in version 3.41.2.2. Solution(s) debian-upgrade-xerial-sqlite-jdbc References https://attackerkb.com/topics/cve-2023-32697 CVE - 2023-32697

Apache Tomcat: Moderate: Apache Tomcat denial of service (CVE-2023-28709) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/23/2023 Created 05/23/2023 Added 05/23/2023 Modified 01/28/2025 Description The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed with the potential for a denial of service to occur. Solution(s) apache-tomcat-upgrade-10_1_8 apache-tomcat-upgrade-8_5_88 apache-tomcat-upgrade-9_0_74 References https://attackerkb.com/topics/cve-2023-28709 CVE - 2023-28709 http://tomcat.apache.org/security-10.html http://tomcat.apache.org/security-8.html http://tomcat.apache.org/security-9.html

Apache RocketMQ update config RCE Disclosed 05/23/2023 Created 07/06/2023 Description RocketMQ versions 5.1.0 and below are vulnerable to Arbitrary Code Injection. Broker component of RocketMQ is leaked on the extranet and lack permission verification. An attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content. Author(s) Malayke jheysel-r7 h00die Platform Linux,Unix Architectures cmd Development Source Code History

Oracle Linux: CVE-2023-2952: ELSA-2023-6469:wireshark security update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/23/2023 Created 11/18/2023 Added 11/16/2023 Modified 01/07/2025 Description XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file A flaw was found in the XRA dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an infinite loop, resulting in a denial of service. Solution(s) oracle-linux-upgrade-wireshark oracle-linux-upgrade-wireshark-cli oracle-linux-upgrade-wireshark-devel References https://attackerkb.com/topics/cve-2023-2952 CVE - 2023-2952 ELSA-2023-6469 ELSA-2023-7015

Oracle Linux: CVE-2023-32681: ELSA-2023-4520:python-requests security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:H/Au:N/C:C/I:N/A:N) Published 05/23/2023 Created 08/04/2023 Added 08/03/2023 Modified 01/07/2025 Description Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0. A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuild_proxies is used to recompute and reattach the Proxy-Authorization header to requests when redirected. This behavior only affects proxied requests when credentials are supplied in the URL user information component (for example, https://username:password@proxy:8080). Solution(s) oracle-linux-upgrade-babel oracle-linux-upgrade-python2 oracle-linux-upgrade-python2-attrs oracle-linux-upgrade-python2-babel oracle-linux-upgrade-python2-backports oracle-linux-upgrade-python2-backports-ssl-match-hostname oracle-linux-upgrade-python2-bson oracle-linux-upgrade-python2-chardet oracle-linux-upgrade-python2-coverage oracle-linux-upgrade-python2-cython oracle-linux-upgrade-python2-debug oracle-linux-upgrade-python2-devel oracle-linux-upgrade-python2-dns oracle-linux-upgrade-python2-docs oracle-linux-upgrade-python2-docs-info oracle-linux-upgrade-python2-docutils oracle-linux-upgrade-python2-funcsigs oracle-linux-upgrade-python2-idna oracle-linux-upgrade-python2-ipaddress oracle-linux-upgrade-python2-jinja2 oracle-linux-upgrade-python2-libs oracle-linux-upgrade-python2-lxml oracle-linux-upgrade-python2-markupsafe oracle-linux-upgrade-python2-mock oracle-linux-upgrade-python2-nose oracle-linux-upgrade-python2-numpy oracle-linux-upgrade-python2-numpy-doc oracle-linux-upgrade-python2-numpy-f2py oracle-linux-upgrade-python2-pip oracle-linux-upgrade-python2-pip-wheel oracle-linux-upgrade-python2-pluggy oracle-linux-upgrade-python2-psycopg2 oracle-linux-upgrade-python2-psycopg2-debug oracle-linux-upgrade-python2-psycopg2-tests oracle-linux-upgrade-python2-py oracle-linux-upgrade-python2-pygments oracle-linux-upgrade-python2-pymongo oracle-linux-upgrade-python2-pymongo-gridfs oracle-linux-upgrade-python2-pymysql oracle-linux-upgrade-python2-pysocks oracle-linux-upgrade-python2-pytest oracle-linux-upgrade-python2-pytest-mock oracle-linux-upgrade-python2-pytz oracle-linux-upgrade-python2-pyyaml oracle-linux-upgrade-python2-requests oracle-linux-upgrade-python2-rpm-macros oracle-linux-upgrade-python2-scipy oracle-linux-upgrade-python2-setuptools oracle-linux-upgrade-python2-setuptools-scm oracle-linux-upgrade-python2-setuptools-wheel oracle-linux-upgrade-python2-six oracle-linux-upgrade-python2-sqlalchemy oracle-linux-upgrade-python2-test oracle-linux-upgrade-python2-tkinter oracle-linux-upgrade-python2-tools oracle-linux-upgrade-python2-urllib3 oracle-linux-upgrade-python2-virtualenv oracle-linux-upgrade-python2-wheel oracle-linux-upgrade-python2-wheel-wheel oracle-linux-upgrade-python38 oracle-linux-upgrade-python38-asn1crypto oracle-linux-upgrade-python38-atomicwrites oracle-linux-upgrade-python38-attrs oracle-linux-upgrade-python38-babel oracle-linux-upgrade-python38-cffi oracle-linux-upgrade-python38-chardet oracle-linux-upgrade-python38-cryptography oracle-linux-upgrade-python38-cython oracle-linux-upgrade-python38-debug oracle-linux-upgrade-python38-devel oracle-linux-upgrade-python38-idle oracle-linux-upgrade-python38-idna oracle-linux-upgrade-python38-jinja2 oracle-linux-upgrade-python38-libs oracle-linux-upgrade-python38-lxml oracle-linux-upgrade-python38-markupsafe oracle-linux-upgrade-python38-mod-wsgi oracle-linux-upgrade-python38-more-itertools oracle-linux-upgrade-python38-numpy oracle-linux-upgrade-python38-numpy-doc oracle-linux-upgrade-python38-numpy-f2py oracle-linux-upgrade-python38-packaging oracle-linux-upgrade-python38-pip oracle-linux-upgrade-python38-pip-wheel oracle-linux-upgrade-python38-pluggy oracle-linux-upgrade-python38-ply oracle-linux-upgrade-python38-psutil oracle-linux-upgrade-python38-psycopg2 oracle-linux-upgrade-python38-psycopg2-doc oracle-linux-upgrade-python38-psycopg2-tests oracle-linux-upgrade-python38-py oracle-linux-upgrade-python38-pycparser oracle-linux-upgrade-python38-pymysql oracle-linux-upgrade-python38-pyparsing oracle-linux-upgrade-python38-pysocks oracle-linux-upgrade-python38-pytest oracle-linux-upgrade-python38-pytz oracle-linux-upgrade-python38-pyyaml oracle-linux-upgrade-python38-requests oracle-linux-upgrade-python38-rpm-macros oracle-linux-upgrade-python38-scipy oracle-linux-upgrade-python38-setuptools oracle-linux-upgrade-python38-setuptools-wheel oracle-linux-upgrade-python38-six oracle-linux-upgrade-python38-test oracle-linux-upgrade-python38-tkinter oracle-linux-upgrade-python38-urllib3 oracle-linux-upgrade-python38-wcwidth oracle-linux-upgrade-python38-wheel oracle-linux-upgrade-python38-wheel-wheel oracle-linux-upgrade-python39 oracle-linux-upgrade-python39-attrs oracle-linux-upgrade-python39-cffi oracle-linux-upgrade-python39-chardet oracle-linux-upgrade-python39-cryptography oracle-linux-upgrade-python39-cython oracle-linux-upgrade-python39-debug oracle-linux-upgrade-python39-devel oracle-linux-upgrade-python39-idle oracle-linux-upgrade-python39-idna oracle-linux-upgrade-python39-iniconfig oracle-linux-upgrade-python39-libs oracle-linux-upgrade-python39-lxml oracle-linux-upgrade-python39-mod-wsgi oracle-linux-upgrade-python39-more-itertools oracle-linux-upgrade-python39-numpy oracle-linux-upgrade-python39-numpy-doc oracle-linux-upgrade-python39-numpy-f2py oracle-linux-upgrade-python39-packaging oracle-linux-upgrade-python39-pip oracle-linux-upgrade-python39-pip-wheel oracle-linux-upgrade-python39-pluggy oracle-linux-upgrade-python39-ply oracle-linux-upgrade-python39-psutil oracle-linux-upgrade-python39-psycopg2 oracle-linux-upgrade-python39-psycopg2-doc oracle-linux-upgrade-python39-psycopg2-tests oracle-linux-upgrade-python39-py oracle-linux-upgrade-python39-pybind11 oracle-linux-upgrade-python39-pybind11-devel oracle-linux-upgrade-python39-pycparser oracle-linux-upgrade-python39-pymysql oracle-linux-upgrade-python39-pyparsing oracle-linux-upgrade-python39-pysocks oracle-linux-upgrade-python39-pytest oracle-linux-upgrade-python39-pyyaml oracle-linux-upgrade-python39-requests oracle-linux-upgrade-python39-rpm-macros oracle-linux-upgrade-python39-scipy oracle-linux-upgrade-python39-setuptools oracle-linux-upgrade-python39-setuptools-wheel oracle-linux-upgrade-python39-six oracle-linux-upgrade-python39-test oracle-linux-upgrade-python39-tkinter oracle-linux-upgrade-python39-toml oracle-linux-upgrade-python39-urllib3 oracle-linux-upgrade-python39-wcwidth oracle-linux-upgrade-python39-wheel oracle-linux-upgrade-python39-wheel-wheel oracle-linux-upgrade-python3-requests oracle-linux-upgrade-python3-requests-security oracle-linux-upgrade-python3-requests-socks oracle-linux-upgrade-python-nose-docs oracle-linux-upgrade-python-psycopg2-doc oracle-linux-upgrade-python-sqlalchemy-doc References https://attackerkb.com/topics/cve-2023-32681 CVE - 2023-32681 ELSA-2023-4520 ELSA-2023-7050 ELSA-2023-7034 ELSA-2023-7042 ELSA-2023-4350

GitLab Authenticated File Read Disclosed 05/23/2023 Created 06/07/2023 Description GitLab version 16.0 contains a directory traversal for arbitrary file read as the `gitlab-www` user. This module requires authentication for exploitation. In order to use this module, a user must be able to create a project and groups. When exploiting this vulnerability, there is a direct correlation between the traversal depth, and the depth of groups the vulnerable project is in. The minimum for this seems to be 5, but up to 11 have also been observed. An example of this, is if the directory traversal needs a depth of 11, a group and 10 nested child groups, each a sub of the previous, will be created (adding up to 11). Visually this looks like: Group1->sub1->sub2->sub3->sub4->sub5->sub6->sub7->sub8->sub9->sub10. If the depth was 5, a group and 4 nested child groups would be created. With all these requirements satisfied a dummy file is uploaded, and the full traversal is then executed. Cleanup is performed by deleting the first group which cascades to deleting all other objects created. Author(s) h00die pwnie Vitellozzo Development Source Code History

Amazon Linux 2023: CVE-2023-2952: Important priority package update for wireshark Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/23/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file A flaw was found in the XRA dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an infinite loop, resulting in a denial of service. Solution(s) amazon-linux-2023-upgrade-wireshark-cli amazon-linux-2023-upgrade-wireshark-cli-debuginfo amazon-linux-2023-upgrade-wireshark-debugsource amazon-linux-2023-upgrade-wireshark-devel References https://attackerkb.com/topics/cve-2023-2952 CVE - 2023-2952 https://alas.aws.amazon.com/AL2023/ALAS-2023-197.html

Huawei EulerOS: CVE-2023-2483: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/23/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/10/2024 Description Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-2483 CVE - 2023-2483 EulerOS-SA-2023-2689

Oracle Linux: CVE-2023-32067: ELSA-2023-3577: 18 security update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/22/2023 Created 06/15/2023 Added 06/14/2023 Modified 01/23/2025 Description c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1. A vulnerability was found in c-ares. This issue occurs due to a 0-byte UDP payload that can cause a Denial of Service. Solution(s) oracle-linux-upgrade-c-ares oracle-linux-upgrade-c-ares-devel oracle-linux-upgrade-nodejs oracle-linux-upgrade-nodejs-devel oracle-linux-upgrade-nodejs-docs oracle-linux-upgrade-nodejs-full-i18n oracle-linux-upgrade-nodejs-libs oracle-linux-upgrade-nodejs-nodemon oracle-linux-upgrade-nodejs-packaging oracle-linux-upgrade-nodejs-packaging-bundler oracle-linux-upgrade-npm References https://attackerkb.com/topics/cve-2023-32067 CVE - 2023-32067 ELSA-2023-3577 ELSA-2023-4035 ELSA-2023-3559 ELSA-2023-4034 ELSA-2023-3586 ELSA-2023-3741 ELSA-2023-3584 View more

Oracle Linux: CVE-2023-31130: ELSA-2023-3577: 18 security update (IMPORTANT) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:H/Au:M/C:N/I:C/A:C) Published 05/22/2023 Created 06/16/2023 Added 06/15/2023 Modified 01/23/2025 Description c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue.C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1. A vulnerability was found in c-ares. This issue occurs in the ares_inet_net_pton() function, which is vulnerable to a buffer underflow for certain ipv6 addresses. "0::00:00:00/2" in particular was found to cause an issue. C-ares only uses this function internally for configuration purposes, which would require an administrator to configure such an address via ares_set_sortlist(). Solution(s) oracle-linux-upgrade-c-ares oracle-linux-upgrade-c-ares-devel oracle-linux-upgrade-nodejs oracle-linux-upgrade-nodejs-devel oracle-linux-upgrade-nodejs-docs oracle-linux-upgrade-nodejs-full-i18n oracle-linux-upgrade-nodejs-libs oracle-linux-upgrade-nodejs-nodemon oracle-linux-upgrade-nodejs-packaging oracle-linux-upgrade-nodejs-packaging-bundler oracle-linux-upgrade-npm References https://attackerkb.com/topics/cve-2023-31130 CVE - 2023-31130 ELSA-2023-3577 ELSA-2023-4035 ELSA-2023-4034 ELSA-2023-6635 ELSA-2023-7207 ELSA-2023-3586 View more

Debian: CVE-2023-2838: gpac -- security update Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:C) Published 05/22/2023 Created 05/29/2023 Added 05/29/2023 Modified 01/28/2025 Description Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. Solution(s) debian-upgrade-gpac References https://attackerkb.com/topics/cve-2023-2838 CVE - 2023-2838 DSA-5411 DSA-5411-1

Oracle Linux: CVE-2024-0340: ELSA-2024-12271: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories) Severity 4 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:N) Published 05/22/2023 Created 05/22/2024 Added 04/09/2024 Modified 01/23/2025 Description A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file. Solution(s) oracle-linux-upgrade-kernel oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2024-0340 CVE - 2024-0340 ELSA-2024-12271 ELSA-2024-12275 ELSA-2024-3618 ELSA-2024-12274

SUSE: CVE-2023-33285: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 05/22/2023 Created 07/27/2023 Added 07/27/2023 Modified 01/28/2025 Description An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server. Solution(s) suse-upgrade-libqt5-qtbase-common-devel suse-upgrade-libqt5-qtbase-devel suse-upgrade-libqt5-qtbase-examples suse-upgrade-libqt5-qtbase-examples-32bit suse-upgrade-libqt5-qtbase-platformtheme-gtk3 suse-upgrade-libqt5-qtbase-platformtheme-xdgdesktopportal suse-upgrade-libqt5-qtbase-private-headers-devel suse-upgrade-libqt5bootstrap-devel-static suse-upgrade-libqt5bootstrap-devel-static-32bit suse-upgrade-libqt5concurrent-devel suse-upgrade-libqt5concurrent-devel-32bit suse-upgrade-libqt5concurrent5 suse-upgrade-libqt5concurrent5-32bit suse-upgrade-libqt5core-devel suse-upgrade-libqt5core-devel-32bit suse-upgrade-libqt5core-private-headers-devel suse-upgrade-libqt5core5 suse-upgrade-libqt5core5-32bit suse-upgrade-libqt5dbus-devel suse-upgrade-libqt5dbus-devel-32bit suse-upgrade-libqt5dbus-private-headers-devel suse-upgrade-libqt5dbus5 suse-upgrade-libqt5dbus5-32bit suse-upgrade-libqt5gui-devel suse-upgrade-libqt5gui-devel-32bit suse-upgrade-libqt5gui-private-headers-devel suse-upgrade-libqt5gui5 suse-upgrade-libqt5gui5-32bit suse-upgrade-libqt5kmssupport-devel-static suse-upgrade-libqt5kmssupport-private-headers-devel suse-upgrade-libqt5network-devel suse-upgrade-libqt5network-devel-32bit suse-upgrade-libqt5network-private-headers-devel suse-upgrade-libqt5network5 suse-upgrade-libqt5network5-32bit suse-upgrade-libqt5opengl-devel suse-upgrade-libqt5opengl-devel-32bit suse-upgrade-libqt5opengl-private-headers-devel suse-upgrade-libqt5opengl5 suse-upgrade-libqt5opengl5-32bit suse-upgrade-libqt5openglextensions-devel-static suse-upgrade-libqt5openglextensions-devel-static-32bit suse-upgrade-libqt5platformheaders-devel suse-upgrade-libqt5platformsupport-devel-static suse-upgrade-libqt5platformsupport-devel-static-32bit suse-upgrade-libqt5platformsupport-private-headers-devel suse-upgrade-libqt5printsupport-devel suse-upgrade-libqt5printsupport-devel-32bit suse-upgrade-libqt5printsupport-private-headers-devel suse-upgrade-libqt5printsupport5 suse-upgrade-libqt5printsupport5-32bit suse-upgrade-libqt5sql-devel suse-upgrade-libqt5sql-devel-32bit suse-upgrade-libqt5sql-private-headers-devel suse-upgrade-libqt5sql5 suse-upgrade-libqt5sql5-32bit suse-upgrade-libqt5sql5-mysql suse-upgrade-libqt5sql5-mysql-32bit suse-upgrade-libqt5sql5-postgresql suse-upgrade-libqt5sql5-postgresql-32bit suse-upgrade-libqt5sql5-sqlite suse-upgrade-libqt5sql5-sqlite-32bit suse-upgrade-libqt5sql5-unixodbc suse-upgrade-libqt5sql5-unixodbc-32bit suse-upgrade-libqt5test-devel suse-upgrade-libqt5test-devel-32bit suse-upgrade-libqt5test-private-headers-devel suse-upgrade-libqt5test5 suse-upgrade-libqt5test5-32bit suse-upgrade-libqt5widgets-devel suse-upgrade-libqt5widgets-devel-32bit suse-upgrade-libqt5widgets-private-headers-devel suse-upgrade-libqt5widgets5 suse-upgrade-libqt5widgets5-32bit suse-upgrade-libqt5xml-devel suse-upgrade-libqt5xml-devel-32bit suse-upgrade-libqt5xml5 suse-upgrade-libqt5xml5-32bit suse-upgrade-libqt6concurrent6 suse-upgrade-libqt6core6 suse-upgrade-libqt6dbus6 suse-upgrade-libqt6gui6 suse-upgrade-libqt6network6 suse-upgrade-libqt6opengl6 suse-upgrade-libqt6openglwidgets6 suse-upgrade-libqt6printsupport6 suse-upgrade-libqt6sql6 suse-upgrade-libqt6test6 suse-upgrade-libqt6widgets6 suse-upgrade-libqt6xml6 suse-upgrade-qt6-base-common-devel suse-upgrade-qt6-base-devel suse-upgrade-qt6-base-docs-html suse-upgrade-qt6-base-docs-qch suse-upgrade-qt6-base-examples suse-upgrade-qt6-base-private-devel suse-upgrade-qt6-concurrent-devel suse-upgrade-qt6-core-devel suse-upgrade-qt6-core-private-devel suse-upgrade-qt6-dbus-devel suse-upgrade-qt6-dbus-private-devel suse-upgrade-qt6-docs-common suse-upgrade-qt6-gui-devel suse-upgrade-qt6-gui-private-devel suse-upgrade-qt6-kmssupport-devel-static suse-upgrade-qt6-kmssupport-private-devel suse-upgrade-qt6-network-devel suse-upgrade-qt6-network-private-devel suse-upgrade-qt6-network-tls suse-upgrade-qt6-networkinformation-glib suse-upgrade-qt6-networkinformation-nm suse-upgrade-qt6-opengl-devel suse-upgrade-qt6-opengl-private-devel suse-upgrade-qt6-openglwidgets-devel suse-upgrade-qt6-platformsupport-devel-static suse-upgrade-qt6-platformsupport-private-devel suse-upgrade-qt6-platformtheme-gtk3 suse-upgrade-qt6-platformtheme-xdgdesktopportal suse-upgrade-qt6-printsupport-cups suse-upgrade-qt6-printsupport-devel suse-upgrade-qt6-printsupport-private-devel suse-upgrade-qt6-sql-devel suse-upgrade-qt6-sql-mysql suse-upgrade-qt6-sql-postgresql suse-upgrade-qt6-sql-private-devel suse-upgrade-qt6-sql-sqlite suse-upgrade-qt6-sql-unixodbc suse-upgrade-qt6-test-devel suse-upgrade-qt6-test-private-devel suse-upgrade-qt6-widgets-devel suse-upgrade-qt6-widgets-private-devel suse-upgrade-qt6-xml-devel suse-upgrade-qt6-xml-private-devel References https://attackerkb.com/topics/cve-2023-33285 CVE - 2023-33285

Alma Linux: CVE-2023-28709: Moderate: tomcat security and bug fix update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/22/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed with the potential for a denial of service to occur. Solution(s) alma-upgrade-tomcat alma-upgrade-tomcat-admin-webapps alma-upgrade-tomcat-docs-webapp alma-upgrade-tomcat-el-3.0-api alma-upgrade-tomcat-jsp-2.3-api alma-upgrade-tomcat-lib alma-upgrade-tomcat-servlet-4.0-api alma-upgrade-tomcat-webapps References https://attackerkb.com/topics/cve-2023-28709 CVE - 2023-28709 https://errata.almalinux.org/8/ALSA-2023-7065.html https://errata.almalinux.org/9/ALSA-2023-6570.html

Alma Linux: CVE-2023-33285: Moderate: qt5-qtbase security update (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 05/22/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server. Solution(s) alma-upgrade-qt5 alma-upgrade-qt5-devel alma-upgrade-qt5-qtbase alma-upgrade-qt5-qtbase-common alma-upgrade-qt5-qtbase-devel alma-upgrade-qt5-qtbase-examples alma-upgrade-qt5-qtbase-gui alma-upgrade-qt5-qtbase-mysql alma-upgrade-qt5-qtbase-odbc alma-upgrade-qt5-qtbase-postgresql alma-upgrade-qt5-qtbase-private-devel alma-upgrade-qt5-qtbase-static alma-upgrade-qt5-rpm-macros alma-upgrade-qt5-srpm-macros References https://attackerkb.com/topics/cve-2023-33285 CVE - 2023-33285 https://errata.almalinux.org/8/ALSA-2023-6967.html https://errata.almalinux.org/9/ALSA-2023-6369.html

VMware Photon OS: CVE-2023-28709 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/22/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed with the potential for a denial of service to occur. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-28709 CVE - 2023-28709

Gentoo Linux: CVE-2023-33297: Bitcoin: Denial of Service Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/22/2023 Created 08/08/2024 Added 08/08/2024 Modified 01/28/2025 Description Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (e.g., CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023. Solution(s) gentoo-linux-upgrade-net-p2p-bitcoind References https://attackerkb.com/topics/cve-2023-33297 CVE - 2023-33297 202408-12

VMware Photon OS: CVE-2023-33288 Severity 4 CVSS (AV:L/AC:H/Au:S/C:N/I:N/A:C) Published 05/22/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-33288 CVE - 2023-33288

Amazon Linux 2023: CVE-2024-0340: Important priority package update for kernel Severity 4 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:N) Published 05/22/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-79-99-164 amazon-linux-2023-upgrade-kernel-modules-extra amazon-linux-2023-upgrade-kernel-modules-extra-common amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2024-0340 CVE - 2024-0340 https://alas.aws.amazon.com/AL2023/ALAS-2024-549.html

Ubuntu: (Multiple Advisories) (CVE-2023-33288): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 05/22/2023 Created 06/19/2023 Added 06/19/2023 Modified 01/28/2025 Description An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1025-gkeop ubuntu-upgrade-linux-image-5-15-0-1030-nvidia ubuntu-upgrade-linux-image-5-15-0-1030-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1035-ibm ubuntu-upgrade-linux-image-5-15-0-1035-raspi ubuntu-upgrade-linux-image-5-15-0-1037-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1039-gcp ubuntu-upgrade-linux-image-5-15-0-1039-gke ubuntu-upgrade-linux-image-5-15-0-1039-kvm ubuntu-upgrade-linux-image-5-15-0-1040-oracle ubuntu-upgrade-linux-image-5-15-0-1041-aws ubuntu-upgrade-linux-image-5-15-0-1042-aws ubuntu-upgrade-linux-image-5-15-0-1043-azure-fde ubuntu-upgrade-linux-image-5-15-0-1045-azure ubuntu-upgrade-linux-image-5-15-0-1045-azure-fde ubuntu-upgrade-linux-image-5-15-0-79-generic ubuntu-upgrade-linux-image-5-15-0-79-generic-64k ubuntu-upgrade-linux-image-5-15-0-79-generic-lpae ubuntu-upgrade-linux-image-5-15-0-79-lowlatency ubuntu-upgrade-linux-image-5-15-0-79-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1003-ibm ubuntu-upgrade-linux-image-6-2-0-1005-aws ubuntu-upgrade-linux-image-6-2-0-1005-azure ubuntu-upgrade-linux-image-6-2-0-1005-lowlatency ubuntu-upgrade-linux-image-6-2-0-1005-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1005-oracle ubuntu-upgrade-linux-image-6-2-0-1006-kvm ubuntu-upgrade-linux-image-6-2-0-1006-raspi ubuntu-upgrade-linux-image-6-2-0-1006-raspi-nolpae ubuntu-upgrade-linux-image-6-2-0-1007-gcp ubuntu-upgrade-linux-image-6-2-0-23-generic ubuntu-upgrade-linux-image-6-2-0-23-generic-64k ubuntu-upgrade-linux-image-6-2-0-23-generic-lpae ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-20-04 References https://attackerkb.com/topics/cve-2023-33288 CVE - 2023-33288 USN-6175-1 USN-6186-1 USN-6300-1 USN-6311-1 USN-6332-1 USN-6347-1 View more