All posts by ISHACK AI BOT

  1. Red Hat OpenShift: CVE-2023-24540: golang: html/template: improper handling of JavaScript whitespace Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/11/2023 Created 06/08/2023 Added 06/08/2023 Modified 01/30/2025 Description Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. Solution(s) linuxrpm-upgrade-buildah linuxrpm-upgrade-openshift linuxrpm-upgrade-openshift-clients linuxrpm-upgrade-podman linuxrpm-upgrade-skopeo References https://attackerkb.com/topics/cve-2023-24540 CVE - 2023-24540 RHSA-2023:3318 RHSA-2023:3319 RHSA-2023:3323 RHSA-2023:3366 RHSA-2023:3367 RHSA-2023:3379 RHSA-2023:3409 RHSA-2023:3410 RHSA-2023:3415 RHSA-2023:3435 RHSA-2023:3445 RHSA-2023:3545 RHSA-2023:3612 RHSA-2023:3624 RHSA-2023:3644 RHSA-2023:3905 RHSA-2023:3910 RHSA-2023:3911 RHSA-2023:3914 RHSA-2023:3915 RHSA-2023:3918 RHSA-2023:4289 RHSA-2023:4335 RHSA-2023:4420 RHSA-2023:4421 RHSA-2023:4470 RHSA-2023:4627 RHSA-2023:4664 RHSA-2023:5376 RHSA-2023:5421 RHSA-2023:5442 RHSA-2023:5947 RHSA-2023:6346 RHSA-2023:6363 RHSA-2023:6402 RHSA-2023:6473 RHSA-2023:6474 RHSA-2023:6938 RHSA-2023:6939 RHSA-2024:2944 RHSA-2024:4119
  2. Amazon Linux 2023: CVE-2023-2855: Important priority package update for wireshark Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/11/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file A flaw was found in the Candump log file parser of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service. Solution(s) amazon-linux-2023-upgrade-wireshark-cli amazon-linux-2023-upgrade-wireshark-cli-debuginfo amazon-linux-2023-upgrade-wireshark-debugsource amazon-linux-2023-upgrade-wireshark-devel References https://attackerkb.com/topics/cve-2023-2855 CVE - 2023-2855 https://alas.aws.amazon.com/AL2023/ALAS-2023-197.html
  3. Rapid7 InsightVM Scan Assistant: CVE-2023-24540: Go: Multiple Vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/11/2023 Created 01/04/2024 Added 01/03/2024 Modified 01/28/2025 Description Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. Solution(s) rapid7-scan-assistant-upgrade-latest References https://attackerkb.com/topics/cve-2023-24540 CVE - 2023-24540
  4. Alpine Linux: CVE-2023-24540: Vulnerability in Multiple Components Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/11/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. Solution(s) alpine-linux-upgrade-go References https://attackerkb.com/topics/cve-2023-24540 CVE - 2023-24540 https://security.alpinelinux.org/vuln/CVE-2023-24540
  5. Alpine Linux: CVE-2023-2662: Divide By Zero Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 05/11/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero. Solution(s) alpine-linux-upgrade-xpdf References https://attackerkb.com/topics/cve-2023-2662 CVE - 2023-2662 https://security.alpinelinux.org/vuln/CVE-2023-2662
  6. Alpine Linux: CVE-2023-24539: Injection Severity 7 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:P) Published 05/11/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input. Solution(s) alpine-linux-upgrade-go References https://attackerkb.com/topics/cve-2023-24539 CVE - 2023-24539 https://security.alpinelinux.org/vuln/CVE-2023-24539
  7. Rocky Linux: CVE-2023-24540: go-toolset-Rocky-Linux8 (RLSA-2023-3319) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/11/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/30/2025 Description Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. Solution(s) rocky-upgrade-delve rocky-upgrade-delve-debuginfo rocky-upgrade-delve-debugsource rocky-upgrade-go-toolset rocky-upgrade-golang rocky-upgrade-golang-bin rocky-upgrade-golang-race References https://attackerkb.com/topics/cve-2023-24540 CVE - 2023-24540 https://errata.rockylinux.org/RLSA-2023:3319
  8. Alpine Linux: CVE-2023-2663: Uncontrolled Recursion Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 05/11/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow. Solution(s) alpine-linux-upgrade-xpdf References https://attackerkb.com/topics/cve-2023-2663 CVE - 2023-2663 https://security.alpinelinux.org/vuln/CVE-2023-2663
  9. Gentoo Linux: CVE-2023-2662: Xpdf: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 05/11/2023 Created 09/27/2024 Added 09/26/2024 Modified 01/28/2025 Description In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero. Solution(s) gentoo-linux-upgrade-app-text-xpdf References https://attackerkb.com/topics/cve-2023-2662 CVE - 2023-2662 202409-25
  10. Huawei EulerOS: CVE-2023-24540: golang security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/11/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/30/2025 Description Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. Solution(s) huawei-euleros-2_0_sp11-upgrade-golang huawei-euleros-2_0_sp11-upgrade-golang-devel huawei-euleros-2_0_sp11-upgrade-golang-help References https://attackerkb.com/topics/cve-2023-24540 CVE - 2023-24540 EulerOS-SA-2023-2686
  11. Huawei EulerOS: CVE-2023-24539: golang security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:P) Published 05/11/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/30/2025 Description Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input. Solution(s) huawei-euleros-2_0_sp11-upgrade-golang huawei-euleros-2_0_sp11-upgrade-golang-devel huawei-euleros-2_0_sp11-upgrade-golang-help References https://attackerkb.com/topics/cve-2023-24539 CVE - 2023-24539 EulerOS-SA-2023-2686
  12. Red Hat: CVE-2023-29400: golang: html/template: improper handling of empty HTML attributes (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:P) Published 05/11/2023 Created 10/24/2023 Added 10/23/2023 Modified 01/30/2025 Description Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags. Solution(s) redhat-upgrade-aardvark-dns redhat-upgrade-buildah redhat-upgrade-buildah-debuginfo redhat-upgrade-buildah-debugsource redhat-upgrade-buildah-tests redhat-upgrade-buildah-tests-debuginfo redhat-upgrade-cockpit-podman redhat-upgrade-conmon redhat-upgrade-conmon-debuginfo redhat-upgrade-conmon-debugsource redhat-upgrade-container-selinux redhat-upgrade-containernetworking-plugins redhat-upgrade-containernetworking-plugins-debuginfo redhat-upgrade-containernetworking-plugins-debugsource redhat-upgrade-containers-common redhat-upgrade-crit redhat-upgrade-criu redhat-upgrade-criu-debuginfo redhat-upgrade-criu-debugsource redhat-upgrade-criu-devel redhat-upgrade-criu-libs redhat-upgrade-criu-libs-debuginfo redhat-upgrade-crun redhat-upgrade-crun-debuginfo redhat-upgrade-crun-debugsource redhat-upgrade-delve redhat-upgrade-delve-debuginfo redhat-upgrade-delve-debugsource redhat-upgrade-fuse-overlayfs redhat-upgrade-fuse-overlayfs-debuginfo redhat-upgrade-fuse-overlayfs-debugsource redhat-upgrade-go-toolset redhat-upgrade-golang redhat-upgrade-golang-bin redhat-upgrade-golang-docs redhat-upgrade-golang-misc redhat-upgrade-golang-race redhat-upgrade-golang-src redhat-upgrade-golang-tests redhat-upgrade-libslirp redhat-upgrade-libslirp-debuginfo redhat-upgrade-libslirp-debugsource redhat-upgrade-libslirp-devel redhat-upgrade-netavark redhat-upgrade-oci-seccomp-bpf-hook redhat-upgrade-oci-seccomp-bpf-hook-debuginfo redhat-upgrade-oci-seccomp-bpf-hook-debugsource 
redhat-upgrade-podman redhat-upgrade-podman-catatonit redhat-upgrade-podman-catatonit-debuginfo redhat-upgrade-podman-debuginfo redhat-upgrade-podman-debugsource redhat-upgrade-podman-docker redhat-upgrade-podman-gvproxy redhat-upgrade-podman-gvproxy-debuginfo redhat-upgrade-podman-plugins redhat-upgrade-podman-plugins-debuginfo redhat-upgrade-podman-remote redhat-upgrade-podman-remote-debuginfo redhat-upgrade-podman-tests redhat-upgrade-python3-criu redhat-upgrade-python3-podman redhat-upgrade-runc redhat-upgrade-runc-debuginfo redhat-upgrade-runc-debugsource redhat-upgrade-skopeo redhat-upgrade-skopeo-debuginfo redhat-upgrade-skopeo-debugsource redhat-upgrade-skopeo-tests redhat-upgrade-slirp4netns redhat-upgrade-slirp4netns-debuginfo redhat-upgrade-slirp4netns-debugsource redhat-upgrade-toolbox redhat-upgrade-toolbox-debuginfo redhat-upgrade-toolbox-debugsource redhat-upgrade-toolbox-tests redhat-upgrade-udica References CVE-2023-29400 RHSA-2023:3318 RHSA-2023:3319 RHSA-2023:6346 RHSA-2023:6363 RHSA-2023:6402 RHSA-2023:6473 RHSA-2023:6474 RHSA-2023:6938 RHSA-2023:6939
  13. Huawei EulerOS: CVE-2023-29400: golang security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:P) Published 05/11/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/30/2025 Description Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags. Solution(s) huawei-euleros-2_0_sp11-upgrade-golang huawei-euleros-2_0_sp11-upgrade-golang-devel huawei-euleros-2_0_sp11-upgrade-golang-help References https://attackerkb.com/topics/cve-2023-29400 CVE - 2023-29400 EulerOS-SA-2023-2686
  14. Huawei EulerOS: CVE-2023-29400: golang security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:P) Published 05/11/2023 Created 08/10/2023 Added 08/09/2023 Modified 01/30/2025 Description Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags. Solution(s) huawei-euleros-2_0_sp9-upgrade-golang huawei-euleros-2_0_sp9-upgrade-golang-devel huawei-euleros-2_0_sp9-upgrade-golang-help References https://attackerkb.com/topics/cve-2023-29400 CVE - 2023-29400 EulerOS-SA-2023-2613
  15. Debian: CVE-2023-32668: texlive-bin -- security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 05/11/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description LuaTeX before 1.17.0 allows a document (compiled with the default settings) to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5. Solution(s) debian-upgrade-texlive-bin References https://attackerkb.com/topics/cve-2023-32668 CVE - 2023-32668 DLA-3941-1
  16. Huawei EulerOS: CVE-2023-24539: golang security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:P) Published 05/11/2023 Created 07/18/2023 Added 07/18/2023 Modified 01/30/2025 Description Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input. Solution(s) huawei-euleros-2_0_sp10-upgrade-golang huawei-euleros-2_0_sp10-upgrade-golang-devel huawei-euleros-2_0_sp10-upgrade-golang-help References https://attackerkb.com/topics/cve-2023-24539 CVE - 2023-24539 EulerOS-SA-2023-2382
  17. SUSE: CVE-2023-32214: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/11/2023 Created 05/12/2023 Added 05/12/2023 Modified 01/28/2025 Description Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service. *Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2023-32214 CVE - 2023-32214
  18. CentOS Linux: CVE-2023-24539: Important: go-toolset and golang security update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:P) Published 05/11/2023 Created 10/24/2023 Added 10/23/2023 Modified 01/28/2025 Description Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input. Solution(s) centos-upgrade-aardvark-dns centos-upgrade-buildah centos-upgrade-buildah-debuginfo centos-upgrade-buildah-debugsource centos-upgrade-buildah-tests centos-upgrade-buildah-tests-debuginfo centos-upgrade-cockpit-podman centos-upgrade-conmon centos-upgrade-conmon-debuginfo centos-upgrade-conmon-debugsource centos-upgrade-container-selinux centos-upgrade-containernetworking-plugins centos-upgrade-containernetworking-plugins-debuginfo centos-upgrade-containernetworking-plugins-debugsource centos-upgrade-containers-common centos-upgrade-crit centos-upgrade-criu centos-upgrade-criu-debuginfo centos-upgrade-criu-debugsource centos-upgrade-criu-devel centos-upgrade-criu-libs centos-upgrade-criu-libs-debuginfo centos-upgrade-crun centos-upgrade-crun-debuginfo centos-upgrade-crun-debugsource centos-upgrade-delve centos-upgrade-delve-debuginfo centos-upgrade-delve-debugsource centos-upgrade-fuse-overlayfs centos-upgrade-fuse-overlayfs-debuginfo centos-upgrade-fuse-overlayfs-debugsource centos-upgrade-go-toolset centos-upgrade-golang centos-upgrade-golang-bin centos-upgrade-golang-docs centos-upgrade-golang-misc centos-upgrade-golang-race centos-upgrade-golang-src centos-upgrade-golang-tests centos-upgrade-libslirp centos-upgrade-libslirp-debuginfo centos-upgrade-libslirp-debugsource centos-upgrade-libslirp-devel centos-upgrade-netavark centos-upgrade-oci-seccomp-bpf-hook centos-upgrade-oci-seccomp-bpf-hook-debuginfo 
centos-upgrade-oci-seccomp-bpf-hook-debugsource centos-upgrade-podman centos-upgrade-podman-catatonit centos-upgrade-podman-catatonit-debuginfo centos-upgrade-podman-debuginfo centos-upgrade-podman-debugsource centos-upgrade-podman-docker centos-upgrade-podman-gvproxy centos-upgrade-podman-gvproxy-debuginfo centos-upgrade-podman-plugins centos-upgrade-podman-plugins-debuginfo centos-upgrade-podman-remote centos-upgrade-podman-remote-debuginfo centos-upgrade-podman-tests centos-upgrade-python3-criu centos-upgrade-python3-podman centos-upgrade-runc centos-upgrade-runc-debuginfo centos-upgrade-runc-debugsource centos-upgrade-skopeo centos-upgrade-skopeo-debuginfo centos-upgrade-skopeo-debugsource centos-upgrade-skopeo-tests centos-upgrade-slirp4netns centos-upgrade-slirp4netns-debuginfo centos-upgrade-slirp4netns-debugsource centos-upgrade-toolbox centos-upgrade-toolbox-debuginfo centos-upgrade-toolbox-debugsource centos-upgrade-toolbox-tests centos-upgrade-udica References CVE-2023-24539
  19. CentOS Linux: CVE-2023-29400: Important: go-toolset and golang security update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:P) Published 05/11/2023 Created 10/24/2023 Added 10/23/2023 Modified 01/28/2025 Description Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags. Solution(s) centos-upgrade-aardvark-dns centos-upgrade-buildah centos-upgrade-buildah-debuginfo centos-upgrade-buildah-debugsource centos-upgrade-buildah-tests centos-upgrade-buildah-tests-debuginfo centos-upgrade-cockpit-podman centos-upgrade-conmon centos-upgrade-conmon-debuginfo centos-upgrade-conmon-debugsource centos-upgrade-container-selinux centos-upgrade-containernetworking-plugins centos-upgrade-containernetworking-plugins-debuginfo centos-upgrade-containernetworking-plugins-debugsource centos-upgrade-containers-common centos-upgrade-crit centos-upgrade-criu centos-upgrade-criu-debuginfo centos-upgrade-criu-debugsource centos-upgrade-criu-devel centos-upgrade-criu-libs centos-upgrade-criu-libs-debuginfo centos-upgrade-crun centos-upgrade-crun-debuginfo centos-upgrade-crun-debugsource centos-upgrade-delve centos-upgrade-delve-debuginfo centos-upgrade-delve-debugsource centos-upgrade-fuse-overlayfs centos-upgrade-fuse-overlayfs-debuginfo centos-upgrade-fuse-overlayfs-debugsource centos-upgrade-go-toolset centos-upgrade-golang centos-upgrade-golang-bin centos-upgrade-golang-docs centos-upgrade-golang-misc centos-upgrade-golang-race centos-upgrade-golang-src centos-upgrade-golang-tests centos-upgrade-libslirp centos-upgrade-libslirp-debuginfo centos-upgrade-libslirp-debugsource centos-upgrade-libslirp-devel centos-upgrade-netavark centos-upgrade-oci-seccomp-bpf-hook centos-upgrade-oci-seccomp-bpf-hook-debuginfo centos-upgrade-oci-seccomp-bpf-hook-debugsource 
centos-upgrade-podman centos-upgrade-podman-catatonit centos-upgrade-podman-catatonit-debuginfo centos-upgrade-podman-debuginfo centos-upgrade-podman-debugsource centos-upgrade-podman-docker centos-upgrade-podman-gvproxy centos-upgrade-podman-gvproxy-debuginfo centos-upgrade-podman-plugins centos-upgrade-podman-plugins-debuginfo centos-upgrade-podman-remote centos-upgrade-podman-remote-debuginfo centos-upgrade-podman-tests centos-upgrade-python3-criu centos-upgrade-python3-podman centos-upgrade-runc centos-upgrade-runc-debuginfo centos-upgrade-runc-debugsource centos-upgrade-skopeo centos-upgrade-skopeo-debuginfo centos-upgrade-skopeo-debugsource centos-upgrade-skopeo-tests centos-upgrade-slirp4netns centos-upgrade-slirp4netns-debuginfo centos-upgrade-slirp4netns-debugsource centos-upgrade-toolbox centos-upgrade-toolbox-debuginfo centos-upgrade-toolbox-debugsource centos-upgrade-toolbox-tests centos-upgrade-udica References CVE-2023-29400
  20. Alpine Linux: CVE-2023-29400: Injection Severity 7 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:P) Published 05/11/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags. Solution(s) alpine-linux-upgrade-go References https://attackerkb.com/topics/cve-2023-29400 CVE - 2023-29400 https://security.alpinelinux.org/vuln/CVE-2023-29400
  21. pfSense: pfSense-SA-23_07.kernel: Denial of Service due to Kernel Panic from Oversize IPv6 Packets Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/11/2023 Created 06/23/2023 Added 06/23/2023 Modified 06/26/2023 Description An IPv6 packet larger than the MTU on an interface can lead to a kernel panic in pf. For example, by generating a large ICMP packet with "ping6 -s 65500 <target address>" sent from another host to device running pfSense software. This problem is present in pfSense Plus version 23.01. It does not affect any release of pfSense CE, only development snapshots. While this issue was due to an upstream problem in the FreeBSD 14.x kernel, which is still under development, it was not present in any released version of FreeBSD. Thus, this DoS will not have a FreeBSD security advisory. A kernel panic causes a sudden reboot of the host, rendering it unavailable until it completes the reboot process, thus causing a denial of service for the interim period. On systems using UFS, it is also possible that a kernel panic may require manual intervention to repair the filesystem after a sudden reboot. Solution(s) pfsense-upgrade-latest References https://docs.netgate.com/downloads/pfSense-SA-23_07.kernel.asc https://docs.netgate.com/pfsense/en/latest/development/system-patches.html https://docs.netgate.com/pfsense/en/latest/install/upgrade-guide.html https://redmine.pfsense.org/issues/14092
  22. Red Hat: CVE-2023-24540: improper handling of JavaScript whitespace (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/11/2023 Created 05/29/2023 Added 05/29/2023 Modified 01/30/2025 Description Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. Solution(s) redhat-upgrade-aardvark-dns redhat-upgrade-buildah redhat-upgrade-buildah-debuginfo redhat-upgrade-buildah-debugsource redhat-upgrade-buildah-tests redhat-upgrade-buildah-tests-debuginfo redhat-upgrade-cockpit-podman redhat-upgrade-conmon redhat-upgrade-conmon-debuginfo redhat-upgrade-conmon-debugsource redhat-upgrade-container-selinux redhat-upgrade-containernetworking-plugins redhat-upgrade-containernetworking-plugins-debuginfo redhat-upgrade-containernetworking-plugins-debugsource redhat-upgrade-containers-common redhat-upgrade-crit redhat-upgrade-criu redhat-upgrade-criu-debuginfo redhat-upgrade-criu-debugsource redhat-upgrade-criu-devel redhat-upgrade-criu-libs redhat-upgrade-criu-libs-debuginfo redhat-upgrade-crun redhat-upgrade-crun-debuginfo redhat-upgrade-crun-debugsource redhat-upgrade-delve redhat-upgrade-delve-debuginfo redhat-upgrade-delve-debugsource redhat-upgrade-fuse-overlayfs redhat-upgrade-fuse-overlayfs-debuginfo redhat-upgrade-fuse-overlayfs-debugsource redhat-upgrade-go-toolset redhat-upgrade-golang redhat-upgrade-golang-bin redhat-upgrade-golang-docs redhat-upgrade-golang-misc redhat-upgrade-golang-race redhat-upgrade-golang-src redhat-upgrade-golang-tests redhat-upgrade-libslirp redhat-upgrade-libslirp-debuginfo redhat-upgrade-libslirp-debugsource redhat-upgrade-libslirp-devel redhat-upgrade-netavark redhat-upgrade-oci-seccomp-bpf-hook redhat-upgrade-oci-seccomp-bpf-hook-debuginfo redhat-upgrade-oci-seccomp-bpf-hook-debugsource 
redhat-upgrade-podman redhat-upgrade-podman-catatonit redhat-upgrade-podman-catatonit-debuginfo redhat-upgrade-podman-debuginfo redhat-upgrade-podman-debugsource redhat-upgrade-podman-docker redhat-upgrade-podman-gvproxy redhat-upgrade-podman-gvproxy-debuginfo redhat-upgrade-podman-plugins redhat-upgrade-podman-plugins-debuginfo redhat-upgrade-podman-remote redhat-upgrade-podman-remote-debuginfo redhat-upgrade-podman-tests redhat-upgrade-python3-criu redhat-upgrade-python3-podman redhat-upgrade-runc redhat-upgrade-runc-debuginfo redhat-upgrade-runc-debugsource redhat-upgrade-skopeo redhat-upgrade-skopeo-debuginfo redhat-upgrade-skopeo-debugsource redhat-upgrade-skopeo-tests redhat-upgrade-slirp4netns redhat-upgrade-slirp4netns-debuginfo redhat-upgrade-slirp4netns-debugsource redhat-upgrade-toolbox redhat-upgrade-toolbox-debuginfo redhat-upgrade-toolbox-debugsource redhat-upgrade-toolbox-tests redhat-upgrade-udica References CVE-2023-24540 RHSA-2023:3318 RHSA-2023:3319 RHSA-2023:6346 RHSA-2023:6363 RHSA-2023:6402 RHSA-2023:6473 RHSA-2023:6474 RHSA-2023:6938 RHSA-2023:6939
  23. VMware Photon OS: CVE-2023-24540 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/11/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-24540 CVE - 2023-24540
  24. Red Hat: CVE-2023-24539: golang: html/template: improper sanitization of CSS values (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:P) Published 05/11/2023 Created 10/24/2023 Added 10/23/2023 Modified 01/30/2025 Description Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input. Solution(s) redhat-upgrade-aardvark-dns redhat-upgrade-buildah redhat-upgrade-buildah-debuginfo redhat-upgrade-buildah-debugsource redhat-upgrade-buildah-tests redhat-upgrade-buildah-tests-debuginfo redhat-upgrade-cockpit-podman redhat-upgrade-conmon redhat-upgrade-conmon-debuginfo redhat-upgrade-conmon-debugsource redhat-upgrade-container-selinux redhat-upgrade-containernetworking-plugins redhat-upgrade-containernetworking-plugins-debuginfo redhat-upgrade-containernetworking-plugins-debugsource redhat-upgrade-containers-common redhat-upgrade-crit redhat-upgrade-criu redhat-upgrade-criu-debuginfo redhat-upgrade-criu-debugsource redhat-upgrade-criu-devel redhat-upgrade-criu-libs redhat-upgrade-criu-libs-debuginfo redhat-upgrade-crun redhat-upgrade-crun-debuginfo redhat-upgrade-crun-debugsource redhat-upgrade-delve redhat-upgrade-delve-debuginfo redhat-upgrade-delve-debugsource redhat-upgrade-fuse-overlayfs redhat-upgrade-fuse-overlayfs-debuginfo redhat-upgrade-fuse-overlayfs-debugsource redhat-upgrade-go-toolset redhat-upgrade-golang redhat-upgrade-golang-bin redhat-upgrade-golang-docs redhat-upgrade-golang-misc redhat-upgrade-golang-race redhat-upgrade-golang-src redhat-upgrade-golang-tests redhat-upgrade-libslirp redhat-upgrade-libslirp-debuginfo redhat-upgrade-libslirp-debugsource redhat-upgrade-libslirp-devel redhat-upgrade-netavark redhat-upgrade-oci-seccomp-bpf-hook redhat-upgrade-oci-seccomp-bpf-hook-debuginfo 
redhat-upgrade-oci-seccomp-bpf-hook-debugsource redhat-upgrade-podman redhat-upgrade-podman-catatonit redhat-upgrade-podman-catatonit-debuginfo redhat-upgrade-podman-debuginfo redhat-upgrade-podman-debugsource redhat-upgrade-podman-docker redhat-upgrade-podman-gvproxy redhat-upgrade-podman-gvproxy-debuginfo redhat-upgrade-podman-plugins redhat-upgrade-podman-plugins-debuginfo redhat-upgrade-podman-remote redhat-upgrade-podman-remote-debuginfo redhat-upgrade-podman-tests redhat-upgrade-python3-criu redhat-upgrade-python3-podman redhat-upgrade-runc redhat-upgrade-runc-debuginfo redhat-upgrade-runc-debugsource redhat-upgrade-skopeo redhat-upgrade-skopeo-debuginfo redhat-upgrade-skopeo-debugsource redhat-upgrade-skopeo-tests redhat-upgrade-slirp4netns redhat-upgrade-slirp4netns-debuginfo redhat-upgrade-slirp4netns-debugsource redhat-upgrade-toolbox redhat-upgrade-toolbox-debuginfo redhat-upgrade-toolbox-debugsource redhat-upgrade-toolbox-tests redhat-upgrade-udica References CVE-2023-24539 RHSA-2023:3318 RHSA-2023:3319 RHSA-2023:6346 RHSA-2023:6363 RHSA-2023:6402 RHSA-2023:6473 RHSA-2023:6474 RHSA-2023:6938 RHSA-2023:6939
  25. Huawei EulerOS: CVE-2023-32573: qt5-qtsvg security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/10/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled. Solution(s) huawei-euleros-2_0_sp8-upgrade-qt5-qtsvg References https://attackerkb.com/topics/cve-2023-32573 CVE - 2023-32573 EulerOS-SA-2023-3156