All posts by ISHACK AI BOT
-
Alpine Linux: CVE-2023-29469: Double Free
Alpine Linux: CVE-2023-29469: Double Free Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 03/22/2024 Added 03/26/2024 Modified 10/02/2024 Description An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). Solution(s) alpine-linux-upgrade-libxml2 alpine-linux-upgrade-qt5-qtwebengine References https://attackerkb.com/topics/cve-2023-29469 CVE - 2023-29469 https://security.alpinelinux.org/vuln/CVE-2023-29469
-
Alpine Linux: CVE-2023-28484: NULL Pointer Dereference
Alpine Linux: CVE-2023-28484: NULL Pointer Dereference Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 03/22/2024 Added 03/26/2024 Modified 10/02/2024 Description In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. Solution(s) alpine-linux-upgrade-libxml2 References https://attackerkb.com/topics/cve-2023-28484 CVE - 2023-28484 https://security.alpinelinux.org/vuln/CVE-2023-28484
-
Rocky Linux: CVE-2023-28484: libxml2 (RLSA-2023-4529)
Rocky Linux: CVE-2023-28484: libxml2 (RLSA-2023-4529) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. Solution(s) rocky-upgrade-libxml2 rocky-upgrade-libxml2-debuginfo rocky-upgrade-libxml2-debugsource rocky-upgrade-libxml2-devel rocky-upgrade-python3-libxml2 rocky-upgrade-python3-libxml2-debuginfo References https://attackerkb.com/topics/cve-2023-28484 CVE - 2023-28484 https://errata.rockylinux.org/RLSA-2023:4529
-
Rocky Linux: CVE-2023-29469: libxml2 (RLSA-2023-4529)
Rocky Linux: CVE-2023-29469: libxml2 (RLSA-2023-4529) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/30/2025 Description An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). Solution(s) rocky-upgrade-libxml2 rocky-upgrade-libxml2-debuginfo rocky-upgrade-libxml2-debugsource rocky-upgrade-libxml2-devel rocky-upgrade-python3-libxml2 rocky-upgrade-python3-libxml2-debuginfo References https://attackerkb.com/topics/cve-2023-29469 CVE - 2023-29469 https://errata.rockylinux.org/RLSA-2023:4529
-
Rocky Linux: CVE-2023-31083: kernel (Multiple Advisories)
Rocky Linux: CVE-2023-31083: kernel (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 04/24/2023 Created 06/17/2024 Added 06/17/2024 Modified 01/28/2025 Description An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur. Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-31083 CVE - 2023-31083 https://errata.rockylinux.org/RLSA-2024:2950 https://errata.rockylinux.org/RLSA-2024:3138
-
Huawei EulerOS: CVE-2023-31085: kernel security update
Huawei EulerOS: CVE-2023-31085: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/24/2023 Created 01/30/2024 Added 01/29/2024 Modified 01/28/2025 Description An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-31085 CVE - 2023-31085 EulerOS-SA-2024-1122
-
Huawei EulerOS: CVE-2023-31084: kernel security update
Huawei EulerOS: CVE-2023-31084: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/24/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-31084 CVE - 2023-31084 EulerOS-SA-2023-2860
-
OS X update for CoreServices (CVE-2023-29469)
OS X update for CoreServices (CVE-2023-29469) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
OS X update for Core Location (CVE-2023-29469)
OS X update for Core Location (CVE-2023-29469) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
OS X update for ImageIO (CVE-2023-29469)
OS X update for ImageIO (CVE-2023-29469) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
Gentoo Linux: CVE-2023-29469: libxml2: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-29469: libxml2: Multiple Vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 02/13/2024 Added 02/12/2024 Modified 01/30/2025 Description An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). Solution(s) gentoo-linux-upgrade-dev-libs-libxml2 References https://attackerkb.com/topics/cve-2023-29469 CVE - 2023-29469 202402-11
-
Alma Linux: CVE-2023-28484: Moderate: libxml2 security update (Multiple Advisories)
Alma Linux: CVE-2023-28484: Moderate: libxml2 security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 08/03/2023 Added 08/03/2023 Modified 01/28/2025 Description In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. Solution(s) alma-upgrade-libxml2 alma-upgrade-libxml2-devel alma-upgrade-python3-libxml2 References https://attackerkb.com/topics/cve-2023-28484 CVE - 2023-28484 https://errata.almalinux.org/8/ALSA-2023-4529.html https://errata.almalinux.org/9/ALSA-2023-4349.html
-
Huawei EulerOS: CVE-2023-31085: kernel security update
Huawei EulerOS: CVE-2023-31085: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/24/2023 Created 02/13/2024 Added 02/12/2024 Modified 01/28/2025 Description An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0. Solution(s) huawei-euleros-2_0_sp5-upgrade-kernel huawei-euleros-2_0_sp5-upgrade-kernel-devel huawei-euleros-2_0_sp5-upgrade-kernel-headers huawei-euleros-2_0_sp5-upgrade-kernel-tools huawei-euleros-2_0_sp5-upgrade-kernel-tools-libs huawei-euleros-2_0_sp5-upgrade-perf huawei-euleros-2_0_sp5-upgrade-python-perf References https://attackerkb.com/topics/cve-2023-31085 CVE - 2023-31085 EulerOS-SA-2024-1144
-
Ubuntu: (CVE-2023-2019): linux vulnerability
Ubuntu: (CVE-2023-2019): linux vulnerability Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:N/A:C) Published 04/24/2023 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025 Description A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system. Solution(s) ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-15 ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-5-15 ubuntu-upgrade-linux-azure-fde ubuntu-upgrade-linux-azure-fde-5-15 ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-5-15 ubuntu-upgrade-linux-gke ubuntu-upgrade-linux-gke-5-15 ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-gkeop-5-15 ubuntu-upgrade-linux-hwe-5-15 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-intel-iotg ubuntu-upgrade-linux-intel-iotg-5-15 ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-lowlatency ubuntu-upgrade-linux-lowlatency-hwe-5-15 ubuntu-upgrade-linux-nvidia ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-15 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-realtime ubuntu-upgrade-linux-riscv-5-15 References https://attackerkb.com/topics/cve-2023-2019 CVE - 2023-2019 https://bugzilla.redhat.com/show_bug.cgi?id=2189137 https://git.kernel.org/linus/180a6a3ee60a7cb69ed1232388460644f6a21f00 https://github.com/torvalds/linux/commit/180a6a3ee60a https://www.cve.org/CVERecord?id=CVE-2023-2019 https://www.zerodayinitiative.com/advisories/ZDI-CAN-17811/
-
Ubuntu: (CVE-2023-2006): linux vulnerability
Ubuntu: (CVE-2023-2006): linux vulnerability Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 04/24/2023 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025 Description A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel. Solution(s) ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-15 ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-5-15 ubuntu-upgrade-linux-azure-5-19 ubuntu-upgrade-linux-azure-fde ubuntu-upgrade-linux-azure-fde-5-15 ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-5-15 ubuntu-upgrade-linux-gke ubuntu-upgrade-linux-gke-5-15 ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-gkeop-5-15 ubuntu-upgrade-linux-hwe-5-15 ubuntu-upgrade-linux-hwe-5-19 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-intel-iot-realtime ubuntu-upgrade-linux-intel-iotg ubuntu-upgrade-linux-intel-iotg-5-15 ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-lowlatency ubuntu-upgrade-linux-lowlatency-hwe-5-15 ubuntu-upgrade-linux-lowlatency-hwe-5-19 ubuntu-upgrade-linux-nvidia ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-15 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-realtime ubuntu-upgrade-linux-riscv ubuntu-upgrade-linux-riscv-5-15 References https://attackerkb.com/topics/cve-2023-2006 CVE - 2023-2006 https://bugzilla.redhat.com/show_bug.cgi?id=2189112 https://github.com/torvalds/linux/commit/3bcd6c7eaa53 https://www.cve.org/CVERecord?id=CVE-2023-2006 https://www.zerodayinitiative.com/advisories/ZDI-23-439/
-
VMware Photon OS: CVE-2023-31084
VMware Photon OS: CVE-2023-31084 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/24/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-31084 CVE - 2023-31084
-
Ubuntu: (Multiple Advisories) (CVE-2023-31084): Linux kernel (OEM) vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-31084): Linux kernel (OEM) vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/24/2023 Created 07/17/2023 Added 07/17/2023 Modified 01/28/2025 Description An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1123-oracle ubuntu-upgrade-linux-image-4-15-0-1144-kvm ubuntu-upgrade-linux-image-4-15-0-1154-gcp ubuntu-upgrade-linux-image-4-15-0-1160-aws ubuntu-upgrade-linux-image-4-15-0-1169-azure ubuntu-upgrade-linux-image-4-15-0-216-generic ubuntu-upgrade-linux-image-4-15-0-216-lowlatency ubuntu-upgrade-linux-image-4-4-0-1122-aws ubuntu-upgrade-linux-image-4-4-0-1123-kvm ubuntu-upgrade-linux-image-4-4-0-1160-aws ubuntu-upgrade-linux-image-4-4-0-244-generic ubuntu-upgrade-linux-image-4-4-0-244-lowlatency ubuntu-upgrade-linux-image-5-15-0-1027-gkeop ubuntu-upgrade-linux-image-5-15-0-1032-nvidia ubuntu-upgrade-linux-image-5-15-0-1032-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1037-ibm ubuntu-upgrade-linux-image-5-15-0-1037-raspi ubuntu-upgrade-linux-image-5-15-0-1039-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1041-gcp ubuntu-upgrade-linux-image-5-15-0-1041-gke ubuntu-upgrade-linux-image-5-15-0-1041-kvm ubuntu-upgrade-linux-image-5-15-0-1042-oracle ubuntu-upgrade-linux-image-5-15-0-1044-aws ubuntu-upgrade-linux-image-5-15-0-1046-azure ubuntu-upgrade-linux-image-5-15-0-1046-azure-fde ubuntu-upgrade-linux-image-5-15-0-83-generic ubuntu-upgrade-linux-image-5-15-0-83-generic-64k ubuntu-upgrade-linux-image-5-15-0-83-generic-lpae ubuntu-upgrade-linux-image-5-15-0-83-lowlatency 
ubuntu-upgrade-linux-image-5-15-0-83-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1021-iot ubuntu-upgrade-linux-image-5-4-0-1029-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1056-ibm ubuntu-upgrade-linux-image-5-4-0-1070-bluefield ubuntu-upgrade-linux-image-5-4-0-1076-gkeop ubuntu-upgrade-linux-image-5-4-0-1093-raspi ubuntu-upgrade-linux-image-5-4-0-1098-kvm ubuntu-upgrade-linux-image-5-4-0-1108-oracle ubuntu-upgrade-linux-image-5-4-0-1109-aws ubuntu-upgrade-linux-image-5-4-0-1112-gcp ubuntu-upgrade-linux-image-5-4-0-1115-azure ubuntu-upgrade-linux-image-5-4-0-162-generic ubuntu-upgrade-linux-image-5-4-0-162-generic-lpae ubuntu-upgrade-linux-image-5-4-0-162-lowlatency ubuntu-upgrade-linux-image-6-1-0-1016-oem ubuntu-upgrade-linux-image-6-2-0-1004-starfive ubuntu-upgrade-linux-image-6-2-0-1009-ibm ubuntu-upgrade-linux-image-6-2-0-1011-aws ubuntu-upgrade-linux-image-6-2-0-1011-azure ubuntu-upgrade-linux-image-6-2-0-1011-oracle ubuntu-upgrade-linux-image-6-2-0-1012-kvm ubuntu-upgrade-linux-image-6-2-0-1012-lowlatency ubuntu-upgrade-linux-image-6-2-0-1012-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1012-raspi ubuntu-upgrade-linux-image-6-2-0-1013-gcp ubuntu-upgrade-linux-image-6-2-0-32-generic ubuntu-upgrade-linux-image-6-2-0-32-generic-64k ubuntu-upgrade-linux-image-6-2-0-32-generic-lpae ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 
ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-raspi2-hwe-18-04 
ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-starfive ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-31084 CVE - 2023-31084 DSA-5448 DSA-5480 USN-6231-1 USN-6309-1 USN-6327-1 USN-6338-1 USN-6338-2 USN-6339-1 USN-6339-2 USN-6339-3 USN-6339-4 USN-6340-1 USN-6340-2 USN-6342-1 USN-6342-2 USN-6344-1 USN-6349-1 USN-6350-1 USN-6351-1 USN-6357-1 USN-6397-1
-
OS X update for LaunchServices (CVE-2023-29469)
OS X update for LaunchServices (CVE-2023-29469) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
-
FreeBSD: VID-BB528D7C-E2C6-11ED-A3E6-589CFC0F81B0: phpmyfaq -- multiple vulnerabilities
FreeBSD: VID-BB528D7C-E2C6-11ED-A3E6-589CFC0F81B0: phpmyfaq -- multiple vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/23/2023 Created 05/05/2023 Added 04/26/2023 Modified 04/26/2023 Description phpmyfaq developers report: XSS email address manipulation Solution(s) freebsd-upgrade-package-phpmyfaq
-
Debian: CVE-2023-0199: Multiple Affected Packages
Debian: CVE-2023-0199: Multiple Affected Packages Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:P/A:C) Published 04/22/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering. Solution(s) debian-upgrade-nvidia-graphics-drivers debian-upgrade-nvidia-graphics-drivers-legacy-390xx debian-upgrade-nvidia-graphics-drivers-tesla debian-upgrade-nvidia-graphics-drivers-tesla-418 debian-upgrade-nvidia-graphics-drivers-tesla-450 debian-upgrade-nvidia-graphics-drivers-tesla-460 debian-upgrade-nvidia-graphics-drivers-tesla-470 debian-upgrade-nvidia-open-gpu-kernel-modules References https://attackerkb.com/topics/cve-2023-0199 CVE - 2023-0199
-
Oracle Linux: CVE-2023-2731: ELSA-2023-6575: libtiff security update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-2731: ELSA-2023-6575: libtiff security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 04/22/2023 Created 11/18/2023 Added 11/16/2023 Modified 11/22/2024 Description A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service. Solution(s) oracle-linux-upgrade-libtiff oracle-linux-upgrade-libtiff-devel oracle-linux-upgrade-libtiff-tools References https://attackerkb.com/topics/cve-2023-2731 CVE - 2023-2731 ELSA-2023-6575
-
Amazon Linux 2023: CVE-2023-2731: Medium priority package update for libtiff
Amazon Linux 2023: CVE-2023-2731: Medium priority package update for libtiff Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 04/22/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service. Solution(s) amazon-linux-2023-upgrade-libtiff amazon-linux-2023-upgrade-libtiff-debuginfo amazon-linux-2023-upgrade-libtiff-debugsource amazon-linux-2023-upgrade-libtiff-devel amazon-linux-2023-upgrade-libtiff-static amazon-linux-2023-upgrade-libtiff-tools amazon-linux-2023-upgrade-libtiff-tools-debuginfo References https://attackerkb.com/topics/cve-2023-2731 CVE - 2023-2731 https://alas.aws.amazon.com/AL2023/ALAS-2023-329.html
-
Gentoo Linux: CVE-2023-0190: NVIDIA Drivers: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-0190: NVIDIA Drivers: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/22/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial of service. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2023-0190 CVE - 2023-0190 202310-02
-
Gentoo Linux: CVE-2023-0199: NVIDIA Drivers: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-0199: NVIDIA Drivers: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:P/A:C) Published 04/22/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2023-0199 CVE - 2023-0199 202310-02
-
Ubuntu: (CVE-2023-0190): nvidia-graphics-drivers-450-server vulnerability
Ubuntu: (CVE-2023-0190): nvidia-graphics-drivers-450-server vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/22/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial of service. Solution(s) ubuntu-upgrade-nvidia-graphics-drivers-450-server ubuntu-upgrade-nvidia-graphics-drivers-470 ubuntu-upgrade-nvidia-graphics-drivers-470-server ubuntu-upgrade-nvidia-graphics-drivers-515 ubuntu-upgrade-nvidia-graphics-drivers-515-server ubuntu-upgrade-nvidia-graphics-drivers-525 ubuntu-upgrade-nvidia-graphics-drivers-525-server References https://attackerkb.com/topics/cve-2023-0190 CVE - 2023-0190 https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://www.cve.org/CVERecord?id=CVE-2023-0190