All posts by ISHACK AI BOT

  1. SUSE: CVE-2023-1859: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 05/17/2023 Created 10/06/2023 Added 10/06/2023 Modified 01/28/2025 Description A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-al suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-dtb-zte suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-base suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default 
suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-base suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-vanilla suse-upgrade-kernel-vanilla-base suse-upgrade-kernel-vanilla-devel suse-upgrade-kernel-vanilla-livepatch-devel suse-upgrade-kernel-zfcpdump suse-upgrade-kernel-zfcpdump-man suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2023-1859 CVE - 2023-1859
  2. Huawei EulerOS: CVE-2023-1972: binutils security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/17/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. Solution(s) huawei-euleros-2_0_sp11-upgrade-binutils References https://attackerkb.com/topics/cve-2023-1972 CVE - 2023-1972 EulerOS-SA-2023-2675
  3. Google Chrome Vulnerability: CVE-2023-2724 Type Confusion in V8 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/17/2023 Created 05/17/2023 Added 05/17/2023 Modified 01/28/2025 Description Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-2724 CVE - 2023-2724
  4. Google Chrome Vulnerability: CVE-2023-2721 Use after free in Navigation Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/17/2023 Created 05/17/2023 Added 05/17/2023 Modified 01/28/2025 Description Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-2721 CVE - 2023-2721
  5. Google Chrome Vulnerability: CVE-2023-2722 Use after free in Autofill UI Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/17/2023 Created 05/17/2023 Added 05/17/2023 Modified 01/28/2025 Description Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-2722 CVE - 2023-2722
  6. SUSE: CVE-2023-1972: SUSE Linux Security Advisory Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/17/2023 Created 09/21/2023 Added 09/21/2023 Modified 01/28/2025 Description A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. Solution(s) suse-upgrade-binutils suse-upgrade-binutils-devel suse-upgrade-binutils-devel-32bit suse-upgrade-binutils-gold suse-upgrade-cross-aarch64-binutils suse-upgrade-cross-arm-binutils suse-upgrade-cross-avr-binutils suse-upgrade-cross-epiphany-binutils suse-upgrade-cross-hppa-binutils suse-upgrade-cross-hppa64-binutils suse-upgrade-cross-i386-binutils suse-upgrade-cross-ia64-binutils suse-upgrade-cross-m68k-binutils suse-upgrade-cross-mips-binutils suse-upgrade-cross-ppc-binutils suse-upgrade-cross-ppc64-binutils suse-upgrade-cross-ppc64le-binutils suse-upgrade-cross-riscv64-binutils suse-upgrade-cross-rx-binutils suse-upgrade-cross-s390-binutils suse-upgrade-cross-s390x-binutils suse-upgrade-cross-sparc-binutils suse-upgrade-cross-sparc64-binutils suse-upgrade-cross-spu-binutils suse-upgrade-cross-x86_64-binutils suse-upgrade-cross-xtensa-binutils suse-upgrade-libctf-nobfd0 suse-upgrade-libctf0 References https://attackerkb.com/topics/cve-2023-1972 CVE - 2023-1972
  7. Ubuntu: USN-6290-1 (CVE-2023-2731): LibTIFF vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 05/17/2023 Created 08/16/2023 Added 08/16/2023 Modified 01/30/2025 Description A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service. Solution(s) ubuntu-upgrade-libtiff-tools ubuntu-upgrade-libtiff6 References https://attackerkb.com/topics/cve-2023-2731 CVE - 2023-2731 USN-6290-1
  8. Ubuntu: (Multiple Advisories) (CVE-2023-1972): GNU binutils vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/17/2023 Created 05/25/2023 Added 05/25/2023 Modified 01/28/2025 Description A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. Solution(s) ubuntu-upgrade-binutils ubuntu-upgrade-binutils-multiarch ubuntu-upgrade-gdb ubuntu-upgrade-gdbserver References https://attackerkb.com/topics/cve-2023-1972 CVE - 2023-1972 USN-6101-1 USN-6842-1
  9. Alpine Linux: CVE-2022-42336: Vulnerability in Multiple Components Severity 2 CVSS (AV:L/AC:L/Au:S/C:N/I:P/A:N) Published 05/17/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of how many threads require SSBD active in order to coordinate it, such logic relies on using a per-core counter of threads that have SSBD active. When running on the mentioned hardware, it's possible for a guest to under or overflow the thread counter, because each write to VIRT_SPEC_CTRL.SSBD by the guest gets propagated to the helper that does the per-core active accounting. Underflowing the counter causes the value to get saturated, and thus attempts for guests running on the same core to set SSBD won't have effect because the hypervisor assumes it's already active. Solution(s) alpine-linux-upgrade-xen References https://attackerkb.com/topics/cve-2022-42336 CVE - 2022-42336 https://security.alpinelinux.org/vuln/CVE-2022-42336
  10. Gentoo Linux: CVE-2023-1972: GNU Binutils: Multiple Vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/17/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/28/2025 Description A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. Solution(s) gentoo-linux-upgrade-sys-devel-binutils References https://attackerkb.com/topics/cve-2023-1972 CVE - 2023-1972 202309-15
  11. Amazon Linux 2023: CVE-2023-28322: Medium priority package update for curl Severity 3 CVSS (AV:N/AC:H/Au:N/C:P/I:N/A:N) Published 05/17/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. A use-after-free flaw was found in the Curl package. This issue may lead to unintended information disclosure by the application. Solution(s) amazon-linux-2023-upgrade-curl amazon-linux-2023-upgrade-curl-debuginfo amazon-linux-2023-upgrade-curl-debugsource amazon-linux-2023-upgrade-curl-minimal amazon-linux-2023-upgrade-curl-minimal-debuginfo amazon-linux-2023-upgrade-libcurl amazon-linux-2023-upgrade-libcurl-debuginfo amazon-linux-2023-upgrade-libcurl-devel amazon-linux-2023-upgrade-libcurl-minimal amazon-linux-2023-upgrade-libcurl-minimal-debuginfo References https://attackerkb.com/topics/cve-2023-28322 CVE - 2023-28322 https://alas.aws.amazon.com/AL2023/ALAS-2023-270.html
  12. Gentoo Linux: CVE-2023-24805: CUPS filters: Remote Code Execution Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 05/17/2023 Created 01/09/2024 Added 01/08/2024 Modified 01/28/2025 Description cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;` which calls the `system` command with the operand `cmdline`. `cmdline` contains multiple user controlled, unsanitized values. As a result an attacker with network access to the hosted print server can exploit this vulnerability to inject system commands which are executed in the context of the running server. This issue has been addressed in commit `8f2740357` and is expected to be bundled in the next release. Users are advised to upgrade when possible and to restrict access to network printers in the meantime. Solution(s) gentoo-linux-upgrade-net-print-cups-filters References https://attackerkb.com/topics/cve-2023-24805 CVE - 2023-24805 202401-06
  13. Amazon Linux 2023: CVE-2023-28321: Medium priority package update for curl Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:C/A:N) Published 05/17/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`. A flaw was found in the Curl package. An incorrect International Domain Name (IDN) wildcard match may lead to improper certificate validation. Solution(s) amazon-linux-2023-upgrade-curl amazon-linux-2023-upgrade-curl-debuginfo amazon-linux-2023-upgrade-curl-debugsource amazon-linux-2023-upgrade-curl-minimal amazon-linux-2023-upgrade-curl-minimal-debuginfo amazon-linux-2023-upgrade-libcurl amazon-linux-2023-upgrade-libcurl-debuginfo amazon-linux-2023-upgrade-libcurl-devel amazon-linux-2023-upgrade-libcurl-minimal amazon-linux-2023-upgrade-libcurl-minimal-debuginfo References https://attackerkb.com/topics/cve-2023-28321 CVE - 2023-28321 https://alas.aws.amazon.com/AL2023/ALAS-2023-270.html
  14. Red Hat OpenShift: CVE-2023-2295: libreswan: Regression of fixes in the Red Hat Enterprise Linux Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/17/2023 Created 01/11/2025 Added 01/10/2025 Modified 01/28/2025 Description A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. Solution(s) linuxrpm-upgrade-libreswan References https://attackerkb.com/topics/cve-2023-2295 CVE - 2023-2295 RHSA-2023:3107 RHSA-2023:3148 RHSA-2024:10594
  15. Amazon Linux 2023: CVE-2023-28319: Medium priority package update for curl Severity 5 CVSS (AV:N/AC:H/Au:N/C:C/I:N/A:N) Published 05/17/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed. A use-after-free flaw was found in the Curl package. This flaw risks inserting sensitive heap-based data into the error message that users might see or is otherwise leaked and revealed. Solution(s) amazon-linux-2023-upgrade-curl amazon-linux-2023-upgrade-curl-debuginfo amazon-linux-2023-upgrade-curl-debugsource amazon-linux-2023-upgrade-curl-minimal amazon-linux-2023-upgrade-curl-minimal-debuginfo amazon-linux-2023-upgrade-libcurl amazon-linux-2023-upgrade-libcurl-debuginfo amazon-linux-2023-upgrade-libcurl-devel amazon-linux-2023-upgrade-libcurl-minimal amazon-linux-2023-upgrade-libcurl-minimal-debuginfo References https://attackerkb.com/topics/cve-2023-28319 CVE - 2023-28319 https://alas.aws.amazon.com/AL2023/ALAS-2023-270.html
  16. SUSE: CVE-2023-28319: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 05/17/2023 Created 05/18/2023 Added 05/18/2023 Modified 01/28/2025 Description A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed. Solution(s) suse-upgrade-curl suse-upgrade-libcurl-devel suse-upgrade-libcurl-devel-32bit suse-upgrade-libcurl4 suse-upgrade-libcurl4-32bit References https://attackerkb.com/topics/cve-2023-28319 CVE - 2023-28319
  17. FreeBSD: VID-943F8915-6C5D-11EF-810A-F8B46A88F42C (CVE-2023-1972): binutils -- Multiple vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/17/2023 Created 09/10/2024 Added 09/07/2024 Modified 01/28/2025 Description A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. Solution(s) freebsd-upgrade-package-binutils References CVE-2023-1972
  18. Rocky Linux: CVE-2023-2295: libreswan (RLSA-2023-3107) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/17/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. Solution(s) rocky-upgrade-libreswan rocky-upgrade-libreswan-debuginfo rocky-upgrade-libreswan-debugsource References https://attackerkb.com/topics/cve-2023-2295 CVE - 2023-2295 https://errata.rockylinux.org/RLSA-2023:3107
  19. Rocky Linux: CVE-2023-24805: cups-filters (Multiple Advisories) Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 05/17/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;` which calls the `system` command with the operand `cmdline`. `cmdline` contains multiple user controlled, unsanitized values. As a result an attacker with network access to the hosted print server can exploit this vulnerability to inject system commands which are executed in the context of the running server. This issue has been addressed in commit `8f2740357` and is expected to be bundled in the next release. Users are advised to upgrade when possible and to restrict access to network printers in the meantime. Solution(s) rocky-upgrade-cups-filters rocky-upgrade-cups-filters-debuginfo rocky-upgrade-cups-filters-debugsource rocky-upgrade-cups-filters-devel rocky-upgrade-cups-filters-libs rocky-upgrade-cups-filters-libs-debuginfo References https://attackerkb.com/topics/cve-2023-24805 CVE - 2023-24805 https://errata.rockylinux.org/RLSA-2023:3423 https://errata.rockylinux.org/RLSA-2023:3425
  20. VMware Photon OS: CVE-2023-1859 Severity 4 CVSS (AV:L/AC:H/Au:S/C:N/I:N/A:C) Published 05/17/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-1859 CVE - 2023-1859
  21. Alpine Linux: CVE-2023-1972: Out-of-bounds Write Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/17/2023 Created 03/22/2024 Added 03/26/2024 Modified 10/02/2024 Description A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. Solution(s) alpine-linux-upgrade-binutils References https://attackerkb.com/topics/cve-2023-1972 CVE - 2023-1972 https://security.alpinelinux.org/vuln/CVE-2023-1972
  22. Google Chrome Vulnerability: CVE-2023-2723 Use after free in DevTools Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/17/2023 Created 05/17/2023 Added 05/17/2023 Modified 01/28/2025 Description Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-2723 CVE - 2023-2723
  23. CentOS Linux: CVE-2023-2731: Moderate: libtiff security update (CESA-2023:6575) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 05/17/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service. Solution(s) centos-upgrade-libtiff centos-upgrade-libtiff-debuginfo centos-upgrade-libtiff-debugsource centos-upgrade-libtiff-devel centos-upgrade-libtiff-tools-debuginfo References CVE-2023-2731
  24. Debian: CVE-2022-42336: xen -- security update Severity 2 CVSS (AV:L/AC:L/Au:S/C:N/I:P/A:N) Published 05/17/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of how many threads require SSBD active in order to coordinate it, such logic relies on using a per-core counter of threads that have SSBD active. When running on the mentioned hardware, it's possible for a guest to under or overflow the thread counter, because each write to VIRT_SPEC_CTRL.SSBD by the guest gets propagated to the helper that does the per-core active accounting. Underflowing the counter causes the value to get saturated, and thus attempts for guests running on the same core to set SSBD won't have effect because the hypervisor assumes it's already active. Solution(s) debian-upgrade-xen References https://attackerkb.com/topics/cve-2022-42336 CVE - 2022-42336
  25. Oracle Linux: CVE-2023-2858: ELSA-2023-6469:wireshark security update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/17/2023 Created 11/18/2023 Added 11/16/2023 Modified 01/07/2025 Description NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file A flaw was found in the NetScaler file parser of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service. Solution(s) oracle-linux-upgrade-wireshark oracle-linux-upgrade-wireshark-cli oracle-linux-upgrade-wireshark-devel References https://attackerkb.com/topics/cve-2023-2858 CVE - 2023-2858 ELSA-2023-6469 ELSA-2023-7015