All posts by ISHACK AI BOT

  1. Amazon Linux AMI 2: CVE-2023-25652: Security patch for git (ALAS-2023-2072) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 04/25/2023 Created 06/08/2023 Added 06/08/2023 Modified 01/28/2025 Description Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a conflict where a link corresponding to the `*.rej` file exists. Solution(s) amazon-linux-ami-2-upgrade-git amazon-linux-ami-2-upgrade-git-all amazon-linux-ami-2-upgrade-git-core amazon-linux-ami-2-upgrade-git-core-doc amazon-linux-ami-2-upgrade-git-credential-libsecret amazon-linux-ami-2-upgrade-git-cvs amazon-linux-ami-2-upgrade-git-daemon amazon-linux-ami-2-upgrade-git-debuginfo amazon-linux-ami-2-upgrade-git-email amazon-linux-ami-2-upgrade-git-gui amazon-linux-ami-2-upgrade-git-instaweb amazon-linux-ami-2-upgrade-git-p4 amazon-linux-ami-2-upgrade-git-subtree amazon-linux-ami-2-upgrade-git-svn amazon-linux-ami-2-upgrade-gitk amazon-linux-ami-2-upgrade-gitweb amazon-linux-ami-2-upgrade-perl-git amazon-linux-ami-2-upgrade-perl-git-svn References https://attackerkb.com/topics/cve-2023-25652 AL2/ALAS-2023-2072 CVE - 2023-25652
  2. Alpine Linux: CVE-2023-25815: Path Traversal Severity 2 CVSS (AV:L/AC:H/Au:S/C:N/I:P/A:P) Published 04/25/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/14/2024 Description In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the `gettext()` function's implicit initialization no longer uses the runtime prefix but uses the hard-coded path `C:\mingw64\share\locale` to look for localized messages. And since any authenticated user has the permission to create folders in `C:\` (and since `C:\mingw64` does not typically exist), it is possible for low-privilege users to place fake messages in that location where `git.exe` will pick them up in version 2.40.1. This vulnerability is relatively hard to exploit and requires social engineering. For example, a legitimate message at the end of a clone could be maliciously modified to ask the user to direct their web browser to a malicious website, and the user might think that the message comes from Git and is legitimate. It does require local write access by the attacker, though, which makes this attack vector less likely. Version 2.40.1 contains a patch for this issue. Some workarounds are available. Do not work on a Windows machine with shared accounts, or alternatively create a `C:\mingw64` folder and leave it empty. Users who have administrative rights may remove the permission to create folders in `C:\`. Solution(s) alpine-linux-upgrade-git References https://attackerkb.com/topics/cve-2023-25815 CVE - 2023-25815 https://security.alpinelinux.org/vuln/CVE-2023-25815
  3. Alpine Linux: CVE-2022-42335: NULL Pointer Dereference Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 04/25/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handling it is possible for a guest with a PCI device passed through to cause the hypervisor to access an arbitrary pointer partially under guest control. Solution(s) alpine-linux-upgrade-xen References https://attackerkb.com/topics/cve-2022-42335 CVE - 2022-42335 https://security.alpinelinux.org/vuln/CVE-2022-42335
  4. Huawei EulerOS: CVE-2023-25652: git security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 04/25/2023 Created 07/18/2023 Added 07/18/2023 Modified 01/28/2025 Description Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a conflict where a link corresponding to the `*.rej` file exists. Solution(s) huawei-euleros-2_0_sp10-upgrade-git huawei-euleros-2_0_sp10-upgrade-git-help References https://attackerkb.com/topics/cve-2023-25652 CVE - 2023-25652 EulerOS-SA-2023-2380
  5. Ubuntu: (Multiple Advisories) (CVE-2023-31085): Linux kernel (OEM) vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/24/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1126-oracle ubuntu-upgrade-linux-image-4-15-0-1147-kvm ubuntu-upgrade-linux-image-4-15-0-1157-gcp ubuntu-upgrade-linux-image-4-15-0-1163-aws ubuntu-upgrade-linux-image-4-15-0-1172-azure ubuntu-upgrade-linux-image-4-15-0-220-generic ubuntu-upgrade-linux-image-4-15-0-220-lowlatency ubuntu-upgrade-linux-image-4-4-0-1125-aws ubuntu-upgrade-linux-image-4-4-0-1126-kvm ubuntu-upgrade-linux-image-4-4-0-1163-aws ubuntu-upgrade-linux-image-4-4-0-248-generic ubuntu-upgrade-linux-image-4-4-0-248-lowlatency ubuntu-upgrade-linux-image-5-15-0-1033-gkeop ubuntu-upgrade-linux-image-5-15-0-1041-nvidia ubuntu-upgrade-linux-image-5-15-0-1041-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1043-ibm ubuntu-upgrade-linux-image-5-15-0-1043-raspi ubuntu-upgrade-linux-image-5-15-0-1045-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1047-gcp ubuntu-upgrade-linux-image-5-15-0-1047-gke ubuntu-upgrade-linux-image-5-15-0-1047-kvm ubuntu-upgrade-linux-image-5-15-0-1048-oracle ubuntu-upgrade-linux-image-5-15-0-1050-aws ubuntu-upgrade-linux-image-5-15-0-1052-azure ubuntu-upgrade-linux-image-5-15-0-1052-azure-fde ubuntu-upgrade-linux-image-5-15-0-89-generic ubuntu-upgrade-linux-image-5-15-0-89-generic-64k ubuntu-upgrade-linux-image-5-15-0-89-generic-lpae ubuntu-upgrade-linux-image-5-15-0-89-lowlatency ubuntu-upgrade-linux-image-5-15-0-89-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1026-iot ubuntu-upgrade-linux-image-5-4-0-1034-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1061-ibm ubuntu-upgrade-linux-image-5-4-0-1075-bluefield 
ubuntu-upgrade-linux-image-5-4-0-1081-gkeop ubuntu-upgrade-linux-image-5-4-0-1098-raspi ubuntu-upgrade-linux-image-5-4-0-1103-kvm ubuntu-upgrade-linux-image-5-4-0-1113-oracle ubuntu-upgrade-linux-image-5-4-0-1114-aws ubuntu-upgrade-linux-image-5-4-0-1118-gcp ubuntu-upgrade-linux-image-5-4-0-1120-azure ubuntu-upgrade-linux-image-5-4-0-167-generic ubuntu-upgrade-linux-image-5-4-0-167-generic-lpae ubuntu-upgrade-linux-image-5-4-0-167-lowlatency ubuntu-upgrade-linux-image-6-1-0-1025-oem ubuntu-upgrade-linux-image-6-2-0-1009-starfive ubuntu-upgrade-linux-image-6-2-0-1012-nvidia ubuntu-upgrade-linux-image-6-2-0-1012-nvidia-64k ubuntu-upgrade-linux-image-6-2-0-1016-aws ubuntu-upgrade-linux-image-6-2-0-1016-oracle ubuntu-upgrade-linux-image-6-2-0-1017-azure ubuntu-upgrade-linux-image-6-2-0-1017-azure-fde ubuntu-upgrade-linux-image-6-2-0-1017-kvm ubuntu-upgrade-linux-image-6-2-0-1017-lowlatency ubuntu-upgrade-linux-image-6-2-0-1017-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1017-raspi ubuntu-upgrade-linux-image-6-2-0-1019-gcp ubuntu-upgrade-linux-image-6-2-0-37-generic ubuntu-upgrade-linux-image-6-2-0-37-generic-64k ubuntu-upgrade-linux-image-6-2-0-37-generic-lpae ubuntu-upgrade-linux-image-6-5-0-1004-starfive ubuntu-upgrade-linux-image-6-5-0-1006-laptop ubuntu-upgrade-linux-image-6-5-0-1007-raspi ubuntu-upgrade-linux-image-6-5-0-1008-oem ubuntu-upgrade-linux-image-6-5-0-1009-azure ubuntu-upgrade-linux-image-6-5-0-1009-azure-fde ubuntu-upgrade-linux-image-6-5-0-1010-aws ubuntu-upgrade-linux-image-6-5-0-1010-gcp ubuntu-upgrade-linux-image-6-5-0-1012-oracle ubuntu-upgrade-linux-image-6-5-0-13-generic ubuntu-upgrade-linux-image-6-5-0-13-generic-64k ubuntu-upgrade-linux-image-6-5-0-13-lowlatency ubuntu-upgrade-linux-image-6-5-0-13-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure 
ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-laptop-23-10 ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-2 ubuntu-upgrade-linux-image-nvidia-64k-6-2 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 
ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-starfive ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-31085 CVE - 2023-31085 USN-6461-1 USN-6494-1 USN-6494-2 USN-6495-1 USN-6495-2 USN-6496-1 USN-6496-2 USN-6502-1 USN-6502-2 USN-6502-3 USN-6502-4 USN-6503-1 USN-6516-1 USN-6520-1 USN-6532-1 USN-6537-1 USN-6572-1
  6. Ubuntu: (Multiple Advisories) (CVE-2023-25815): Git vulnerabilities Severity 1 CVSS (AV:L/AC:H/Au:S/C:N/I:P/A:N) Published 04/25/2023 Created 05/05/2023 Added 05/04/2023 Modified 01/30/2025 Description In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the `gettext()` function's implicit initialization no longer uses the runtime prefix but uses the hard-coded path `C:\mingw64\share\locale` to look for localized messages. And since any authenticated user has the permission to create folders in `C:\` (and since `C:\mingw64` does not typically exist), it is possible for low-privilege users to place fake messages in that location where `git.exe` will pick them up in version 2.40.1. This vulnerability is relatively hard to exploit and requires social engineering. For example, a legitimate message at the end of a clone could be maliciously modified to ask the user to direct their web browser to a malicious website, and the user might think that the message comes from Git and is legitimate. It does require local write access by the attacker, though, which makes this attack vector less likely. Version 2.40.1 contains a patch for this issue. Some workarounds are available. Do not work on a Windows machine with shared accounts, or alternatively create a `C:\mingw64` folder and leave it empty. Users who have administrative rights may remove the permission to create folders in `C:\`. Solution(s) ubuntu-pro-upgrade-git References https://attackerkb.com/topics/cve-2023-25815 CVE - 2023-25815 USN-6050-1 USN-7023-1
  7. OS X update for Kernel (CVE-2023-29469) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  8. OS X update for libxml2 (CVE-2023-29469) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 12/23/2023 Added 12/22/2023 Modified 01/30/2025 Description An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). Solution(s) apple-osx-upgrade-13_4 References https://attackerkb.com/topics/cve-2023-29469 CVE - 2023-29469 https://support.apple.com/kb/HT213758
  9. VMware Photon OS: CVE-2023-2006 Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 04/24/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-2006 CVE - 2023-2006
  10. Huawei EulerOS: CVE-2023-29469: libxml2 security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 07/18/2023 Added 07/18/2023 Modified 01/30/2025 Description An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). Solution(s) huawei-euleros-2_0_sp10-upgrade-libxml2 huawei-euleros-2_0_sp10-upgrade-python3-libxml2 References https://attackerkb.com/topics/cve-2023-29469 CVE - 2023-29469 EulerOS-SA-2023-2386
  11. OS X update for Accessibility (CVE-2023-29469) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  12. OS X update for Contacts (CVE-2023-29469) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  13. Debian: CVE-2023-0547: thunderbird -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 04/24/2023 Created 05/05/2023 Added 04/24/2023 Modified 01/28/2025 Description OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug. This vulnerability affects Thunderbird < 102.10. Solution(s) debian-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-0547 CVE - 2023-0547 DSA-5392-1
  14. Debian: CVE-2023-2019: linux -- security update Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:N/A:C) Published 04/24/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-2019 CVE - 2023-2019
  15. Debian: CVE-2023-2007: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 04/24/2023 Created 07/31/2023 Added 07/31/2023 Modified 01/28/2025 Description The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-2007 CVE - 2023-2007 DLA-3508-1 DSA-5480
  16. Debian: CVE-2023-2006: linux -- security update Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 04/24/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-2006 CVE - 2023-2006
  17. SUSE: CVE-2023-29469: SUSE Linux Security Advisory Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 05/05/2023 Added 04/27/2023 Modified 01/28/2025 Description An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). Solution(s) suse-upgrade-libxml2-2 suse-upgrade-libxml2-2-32bit suse-upgrade-libxml2-devel suse-upgrade-libxml2-devel-32bit suse-upgrade-libxml2-doc suse-upgrade-libxml2-tools suse-upgrade-python-libxml2 suse-upgrade-python2-libxml2-python suse-upgrade-python3-libxml2 suse-upgrade-python3-libxml2-python References https://attackerkb.com/topics/cve-2023-29469 CVE - 2023-29469
  18. Amazon Linux AMI 2: CVE-2023-31085: Security patch for kernel (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/24/2023 Created 11/02/2023 Added 11/02/2023 Modified 01/28/2025 Description An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-198-187-748 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-31085 AL2/ALASKERNEL-5.10-2023-042 AL2/ALASKERNEL-5.4-2023-055 CVE - 2023-31085
  19. Amazon Linux AMI 2: CVE-2023-29469: Security patch for libxml2 (ALAS-2023-2021) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 05/05/2023 Added 05/03/2023 Modified 01/30/2025 Description An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). Solution(s) amazon-linux-ami-2-upgrade-libxml2 amazon-linux-ami-2-upgrade-libxml2-debuginfo amazon-linux-ami-2-upgrade-libxml2-devel amazon-linux-ami-2-upgrade-libxml2-python amazon-linux-ami-2-upgrade-libxml2-static References https://attackerkb.com/topics/cve-2023-29469 AL2/ALAS-2023-2021 CVE - 2023-29469
  20. CentOS Linux: CVE-2023-28484: Moderate: libxml2 security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 08/02/2023 Added 08/02/2023 Modified 01/28/2025 Description In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. Solution(s) centos-upgrade-libxml2 centos-upgrade-libxml2-debuginfo centos-upgrade-libxml2-debugsource centos-upgrade-libxml2-devel centos-upgrade-python3-libxml2 centos-upgrade-python3-libxml2-debuginfo References CVE-2023-28484
  21. CentOS Linux: CVE-2023-29469: Moderate: libxml2 security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 08/02/2023 Added 08/02/2023 Modified 01/28/2025 Description An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). Solution(s) centos-upgrade-libxml2 centos-upgrade-libxml2-debuginfo centos-upgrade-libxml2-debugsource centos-upgrade-libxml2-devel centos-upgrade-python3-libxml2 centos-upgrade-python3-libxml2-debuginfo References CVE-2023-29469
  22. FreeBSD: VID-B09D77D0-B27C-48AE-B69B-9641BB68B39E (CVE-2023-29469): electron -- vulnerability Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 05/23/2023 Added 05/19/2023 Modified 01/28/2025 Description An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). Solution(s) freebsd-upgrade-package-electron22 freebsd-upgrade-package-electron23 References CVE-2023-29469
  23. Debian: CVE-2023-29479: rnp, thunderbird -- security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 04/24/2023 Created 05/05/2023 Added 04/24/2023 Modified 01/28/2025 Description Ribose RNP before 0.16.3 may hang when the input is malformed. Solution(s) debian-upgrade-rnp debian-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-29479 CVE - 2023-29479 DSA-5392-1
  24. Debian: CVE-2023-2251: node-yaml -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description Uncaught Exception in GitHub repository eemeli/yaml prior to 2.0.0-5. Solution(s) debian-upgrade-node-yaml References https://attackerkb.com/topics/cve-2023-2251 CVE - 2023-2251
  25. Debian: CVE-2023-28484: libxml2 -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 05/05/2023 Added 04/24/2023 Modified 01/28/2025 Description In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. Solution(s) debian-upgrade-libxml2 References https://attackerkb.com/topics/cve-2023-28484 CVE - 2023-28484 DSA-5391-1