ISHACK AI BOT

Debian: CVE-2023-0184: Multiple Affected Packages Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 04/22/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering. Solution(s) debian-upgrade-nvidia-graphics-drivers debian-upgrade-nvidia-graphics-drivers-legacy-390xx debian-upgrade-nvidia-graphics-drivers-tesla debian-upgrade-nvidia-graphics-drivers-tesla-418 debian-upgrade-nvidia-graphics-drivers-tesla-450 debian-upgrade-nvidia-graphics-drivers-tesla-460 debian-upgrade-nvidia-graphics-drivers-tesla-470 debian-upgrade-nvidia-open-gpu-kernel-modules References https://attackerkb.com/topics/cve-2023-0184 CVE - 2023-0184

Debian: CVE-2023-0190: Multiple Affected Packages Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/22/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial of service. Solution(s) debian-upgrade-nvidia-graphics-drivers debian-upgrade-nvidia-graphics-drivers-legacy-390xx debian-upgrade-nvidia-graphics-drivers-tesla debian-upgrade-nvidia-graphics-drivers-tesla-418 debian-upgrade-nvidia-graphics-drivers-tesla-450 debian-upgrade-nvidia-graphics-drivers-tesla-460 debian-upgrade-nvidia-graphics-drivers-tesla-470 debian-upgrade-nvidia-open-gpu-kernel-modules References https://attackerkb.com/topics/cve-2023-0190 CVE - 2023-0190

Ubuntu: (CVE-2023-0184): nvidia-graphics-drivers-450-server vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 04/22/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering. Solution(s) ubuntu-upgrade-nvidia-graphics-drivers-450-server ubuntu-upgrade-nvidia-graphics-drivers-470 ubuntu-upgrade-nvidia-graphics-drivers-470-server ubuntu-upgrade-nvidia-graphics-drivers-515 ubuntu-upgrade-nvidia-graphics-drivers-515-server ubuntu-upgrade-nvidia-graphics-drivers-525 ubuntu-upgrade-nvidia-graphics-drivers-525-server References https://attackerkb.com/topics/cve-2023-0184 CVE - 2023-0184 https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://www.cve.org/CVERecord?id=CVE-2023-0184

Ubuntu: (CVE-2023-0199): nvidia-graphics-drivers-450-server vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:P/A:C) Published 04/22/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering. Solution(s) ubuntu-upgrade-nvidia-graphics-drivers-450-server ubuntu-upgrade-nvidia-graphics-drivers-470 ubuntu-upgrade-nvidia-graphics-drivers-470-server ubuntu-upgrade-nvidia-graphics-drivers-515 ubuntu-upgrade-nvidia-graphics-drivers-515-server ubuntu-upgrade-nvidia-graphics-drivers-525 ubuntu-upgrade-nvidia-graphics-drivers-525-server References https://attackerkb.com/topics/cve-2023-0199 CVE - 2023-0199 https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://www.cve.org/CVERecord?id=CVE-2023-0199

Oracle Linux: CVE-2023-27932: ELSA-2023-6535:webkit2gtk3 security and bug fix update (IMPORTANT) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:C/A:N) Published 04/21/2023 Created 11/24/2023 Added 11/22/2023 Modified 01/07/2025 Description This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web content may bypass Same Origin Policy. A vulnerability was found in WebKitGTK. This security issue occurs when processing maliciously crafted web content that may bypass the same-origin Policy. Solution(s) oracle-linux-upgrade-webkit2gtk3 oracle-linux-upgrade-webkit2gtk3-devel oracle-linux-upgrade-webkit2gtk3-jsc oracle-linux-upgrade-webkit2gtk3-jsc-devel References https://attackerkb.com/topics/cve-2023-27932 CVE - 2023-27932 ELSA-2023-6535 ELSA-2023-7055

Gentoo Linux: CVE-2023-0184: NVIDIA Drivers: Multiple Vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 04/22/2023 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2023-0184 CVE - 2023-0184 202310-02

Amazon Linux AMI 2: CVE-2023-1998: Security patch for kernel (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:S/C:C/I:N/A:N) Published 04/21/2023 Created 05/05/2023 Added 05/02/2023 Modified 01/28/2025 Description The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line. This happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-309-231-529 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-173-154-642 amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-102-61-139 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-1998 AL2/ALAS-2023-1987 AL2/ALASKERNEL-5.10-2023-028 AL2/ALASKERNEL-5.15-2023-015 AL2/ALASKERNEL-5.4-2023-043 CVE - 2023-1998

Oracle Linux: CVE-2023-27954: ELSA-2023-6535:webkit2gtk3 security and bug fix update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 04/21/2023 Created 11/24/2023 Added 11/22/2023 Modified 01/07/2025 Description The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. A website may be able to track sensitive user information. A vulnerability was found in WebKitGTK. This security issue leads to tracking sensitive user information via a website. Solution(s) oracle-linux-upgrade-webkit2gtk3 oracle-linux-upgrade-webkit2gtk3-devel oracle-linux-upgrade-webkit2gtk3-jsc oracle-linux-upgrade-webkit2gtk3-jsc-devel References https://attackerkb.com/topics/cve-2023-27954 CVE - 2023-27954 ELSA-2023-6535 ELSA-2023-7055

Debian: CVE-2023-30798: starlette -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 04/21/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description There MultipartParser usage in Encode's Starlette python framework before versions 0.25.0 allows an unauthenticated and remote attacker to specify any number of form fields or files which can cause excessive memory usage resulting in denial of service of the HTTP service. Solution(s) debian-upgrade-starlette References https://attackerkb.com/topics/cve-2023-30798 CVE - 2023-30798

Oracle Linux: CVE-2022-32885: ELSA-2023-6535:webkit2gtk3 security and bug fix update (IMPORTANT) (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 04/21/2023 Created 11/24/2023 Added 11/22/2023 Modified 01/07/2025 Description A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution A vulnerability was found in WebKitGTK. This security issue occurs when processing maliciously crafted web content that may lead to arbitrary code execution. This memory corruption issue was addressed with improved validation. Solution(s) oracle-linux-upgrade-webkit2gtk3 oracle-linux-upgrade-webkit2gtk3-devel oracle-linux-upgrade-webkit2gtk3-jsc oracle-linux-upgrade-webkit2gtk3-jsc-devel References https://attackerkb.com/topics/cve-2022-32885 CVE - 2022-32885 ELSA-2023-6535 ELSA-2023-7055

Huawei EulerOS: CVE-2023-31084: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/24/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process. Solution(s) huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs References https://attackerkb.com/topics/cve-2023-31084 CVE - 2023-31084 EulerOS-SA-2023-2811

Huawei EulerOS: CVE-2023-28484: libxml2 security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 07/18/2023 Added 07/18/2023 Modified 01/28/2025 Description In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. Solution(s) huawei-euleros-2_0_sp10-upgrade-libxml2 huawei-euleros-2_0_sp10-upgrade-python3-libxml2 References https://attackerkb.com/topics/cve-2023-28484 CVE - 2023-28484 EulerOS-SA-2023-2386

OS X update for Face Gallery (CVE-2023-29469) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Rocky Linux: CVE-2023-29479: thunderbird (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 04/24/2023 Created 03/13/2024 Added 03/12/2024 Modified 01/28/2025 Description Ribose RNP before 0.16.3 may hang when the input is malformed. Solution(s) rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2023-29479 CVE - 2023-29479 https://errata.rockylinux.org/RLSA-2023:1802 https://errata.rockylinux.org/RLSA-2023:1809

Debian: CVE-2023-29469: libxml2 -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 05/05/2023 Added 04/24/2023 Modified 01/30/2025 Description An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). Solution(s) debian-upgrade-libxml2 References https://attackerkb.com/topics/cve-2023-29469 CVE - 2023-29469 DSA-5391-1

Debian: CVE-2023-31084: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/24/2023 Created 07/31/2023 Added 07/31/2023 Modified 01/28/2025 Description An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-31084 CVE - 2023-31084 DLA-3508-1 DSA-5448 DSA-5448-1 DSA-5480

Debian: CVE-2023-31083: linux, linux-6.1 -- security update Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 04/24/2023 Created 10/08/2024 Added 10/07/2024 Modified 01/28/2025 Description An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur. Solution(s) debian-upgrade-linux debian-upgrade-linux-6-1 References https://attackerkb.com/topics/cve-2023-31083 CVE - 2023-31083 DSA-5782-1

Debian: CVE-2023-29480: rnp -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 04/24/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use. Solution(s) debian-upgrade-rnp References https://attackerkb.com/topics/cve-2023-29480 CVE - 2023-29480

IBM AIX: libxml2_advisory5 (CVE-2023-28484): Vulnerability in libxml2 affects AIX Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 07/27/2023 Added 07/27/2023 Modified 01/28/2025 Description In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. Solution(s) ibm-aix-libxml2_advisory5 References https://attackerkb.com/topics/cve-2023-28484 CVE - 2023-28484 https://aix.software.ibm.com/aix/efixes/security/libxml2_advisory5.asc

IBM AIX: libxml2_advisory5 (CVE-2023-29469): Vulnerability in libxml2 affects AIX Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 07/27/2023 Added 07/27/2023 Modified 01/30/2025 Description An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). Solution(s) ibm-aix-libxml2_advisory5 References https://attackerkb.com/topics/cve-2023-29469 CVE - 2023-29469 https://aix.software.ibm.com/aix/efixes/security/libxml2_advisory5.asc

Huawei EulerOS: CVE-2023-28484: libxml2 security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 07/10/2023 Added 07/10/2023 Modified 01/28/2025 Description In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. Solution(s) huawei-euleros-2_0_sp9-upgrade-libxml2 huawei-euleros-2_0_sp9-upgrade-python3-libxml2 References https://attackerkb.com/topics/cve-2023-28484 CVE - 2023-28484 EulerOS-SA-2023-2336

OS X update for GeoServices (CVE-2023-29469) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/24/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

CentOS Linux: CVE-2023-1998: Important: kernel security, bug fix, and enhancement update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:S/C:C/I:N/A:N) Published 04/21/2023 Created 08/02/2023 Added 08/02/2023 Modified 01/28/2025 Description The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line. This happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects. Solution(s) centos-upgrade-kernel centos-upgrade-kernel-rt References CVE-2023-1998

VMware Photon OS: CVE-2023-1998 Severity 4 CVSS (AV:L/AC:H/Au:S/C:C/I:N/A:N) Published 04/21/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line. This happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-1998 CVE - 2023-1998

Debian: CVE-2023-1998: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:S/C:C/I:N/A:N) Published 04/21/2023 Created 05/05/2023 Added 05/01/2023 Modified 01/28/2025 Description The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line. This happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-1998 CVE - 2023-1998 DLA-3403-1 DLA-3404-1