ISHACK AI BOT

Alpine Linux: CVE-2023-2137: Out-of-bounds Write Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/19/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) alpine-linux-upgrade-qt5-qtwebengine References https://attackerkb.com/topics/cve-2023-2137 CVE - 2023-2137 https://security.alpinelinux.org/vuln/CVE-2023-2137

Ubuntu: (CVE-2023-2166): linux vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/19/2023 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025 Description A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service. Solution(s) ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-15 ubuntu-upgrade-linux-aws-5-4 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-5-15 ubuntu-upgrade-linux-azure-5-4 ubuntu-upgrade-linux-azure-fde ubuntu-upgrade-linux-azure-fde-5-15 ubuntu-upgrade-linux-azure-fips ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-5-15 ubuntu-upgrade-linux-gcp-5-4 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gke ubuntu-upgrade-linux-gke-5-15 ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-gkeop-5-15 ubuntu-upgrade-linux-hwe-5-15 ubuntu-upgrade-linux-hwe-5-19 ubuntu-upgrade-linux-hwe-5-4 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-ibm-5-4 ubuntu-upgrade-linux-intel-iot-realtime ubuntu-upgrade-linux-intel-iotg ubuntu-upgrade-linux-intel-iotg-5-15 ubuntu-upgrade-linux-iot ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-lowlatency ubuntu-upgrade-linux-lowlatency-hwe-5-15 ubuntu-upgrade-linux-lowlatency-hwe-5-19 ubuntu-upgrade-linux-nvidia ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-15 ubuntu-upgrade-linux-oracle-5-4 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-raspi-5-4 ubuntu-upgrade-linux-realtime ubuntu-upgrade-linux-riscv ubuntu-upgrade-linux-riscv-5-15 ubuntu-upgrade-linux-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-2166 CVE - 2023-2166 https://git.kernel.org/linus/0acc442309a0a1b01bcdaa135e56e6398a49439c https://lore.kernel.org/lkml/CAO4mrfcV_07hbj8NUuZrA8FH-kaRsrFy-2metecpTuE5kKHn5w@mail.gmail.com/ https://www.cve.org/CVERecord?id=CVE-2023-2166

Ubuntu: (Multiple Advisories) (CVE-2023-1998): Linux kernel (OEM) vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:S/C:C/I:N/A:N) Published 04/19/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/28/2025 Description The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line. This happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1130-oracle ubuntu-upgrade-linux-image-4-15-0-1151-kvm ubuntu-upgrade-linux-image-4-15-0-1161-gcp ubuntu-upgrade-linux-image-4-15-0-1167-aws ubuntu-upgrade-linux-image-4-15-0-1176-azure ubuntu-upgrade-linux-image-4-15-0-224-generic ubuntu-upgrade-linux-image-4-15-0-224-lowlatency ubuntu-upgrade-linux-image-4-4-0-1130-aws ubuntu-upgrade-linux-image-4-4-0-1131-kvm ubuntu-upgrade-linux-image-4-4-0-1168-aws ubuntu-upgrade-linux-image-4-4-0-253-generic ubuntu-upgrade-linux-image-4-4-0-253-lowlatency ubuntu-upgrade-linux-image-5-15-0-1022-gkeop ubuntu-upgrade-linux-image-5-15-0-1032-ibm ubuntu-upgrade-linux-image-5-15-0-1032-raspi ubuntu-upgrade-linux-image-5-15-0-1032-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1033-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1035-kvm ubuntu-upgrade-linux-image-5-15-0-1036-gcp ubuntu-upgrade-linux-image-5-15-0-1036-gke ubuntu-upgrade-linux-image-5-15-0-1037-oracle ubuntu-upgrade-linux-image-5-15-0-1038-aws ubuntu-upgrade-linux-image-5-15-0-1040-azure ubuntu-upgrade-linux-image-5-15-0-1040-azure-fde ubuntu-upgrade-linux-image-5-15-0-1041-azure-fde ubuntu-upgrade-linux-image-5-15-0-75-generic ubuntu-upgrade-linux-image-5-15-0-75-generic-64k ubuntu-upgrade-linux-image-5-15-0-75-generic-lpae ubuntu-upgrade-linux-image-5-15-0-75-lowlatency ubuntu-upgrade-linux-image-5-15-0-75-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1021-raspi ubuntu-upgrade-linux-image-5-19-0-1021-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1024-ibm ubuntu-upgrade-linux-image-5-19-0-1025-kvm ubuntu-upgrade-linux-image-5-19-0-1025-oracle ubuntu-upgrade-linux-image-5-19-0-1026-gcp ubuntu-upgrade-linux-image-5-19-0-1027-aws ubuntu-upgrade-linux-image-5-19-0-1027-lowlatency ubuntu-upgrade-linux-image-5-19-0-1027-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1028-azure ubuntu-upgrade-linux-image-5-19-0-45-generic ubuntu-upgrade-linux-image-5-19-0-45-generic-64k ubuntu-upgrade-linux-image-5-19-0-45-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1017-iot ubuntu-upgrade-linux-image-5-4-0-1024-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1051-ibm ubuntu-upgrade-linux-image-5-4-0-1065-bluefield ubuntu-upgrade-linux-image-5-4-0-1071-gkeop ubuntu-upgrade-linux-image-5-4-0-1088-raspi ubuntu-upgrade-linux-image-5-4-0-1093-kvm ubuntu-upgrade-linux-image-5-4-0-1102-gke ubuntu-upgrade-linux-image-5-4-0-1103-oracle ubuntu-upgrade-linux-image-5-4-0-1104-aws ubuntu-upgrade-linux-image-5-4-0-1107-gcp ubuntu-upgrade-linux-image-5-4-0-1110-azure ubuntu-upgrade-linux-image-5-4-0-152-generic ubuntu-upgrade-linux-image-5-4-0-152-generic-lpae ubuntu-upgrade-linux-image-5-4-0-152-lowlatency ubuntu-upgrade-linux-image-6-1-0-1009-oem ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-1998 CVE - 2023-1998 USN-6033-1 USN-6171-1 USN-6172-1 USN-6185-1 USN-6187-1 USN-6207-1 USN-6222-1 USN-6223-1 USN-6256-1 USN-6739-1 USN-6740-1 View more

Ubuntu: (Multiple Advisories) (CVE-2023-2162): Linux kernel vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 04/19/2023 Created 05/17/2023 Added 05/17/2023 Modified 01/28/2025 Description A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1119-oracle ubuntu-upgrade-linux-image-4-15-0-1132-raspi2 ubuntu-upgrade-linux-image-4-15-0-1140-kvm ubuntu-upgrade-linux-image-4-15-0-1150-gcp ubuntu-upgrade-linux-image-4-15-0-1150-snapdragon ubuntu-upgrade-linux-image-4-15-0-1156-aws ubuntu-upgrade-linux-image-4-15-0-1165-azure ubuntu-upgrade-linux-image-4-15-0-211-generic ubuntu-upgrade-linux-image-4-15-0-211-generic-lpae ubuntu-upgrade-linux-image-4-15-0-211-lowlatency ubuntu-upgrade-linux-image-4-4-0-1121-aws ubuntu-upgrade-linux-image-4-4-0-1122-kvm ubuntu-upgrade-linux-image-4-4-0-1159-aws ubuntu-upgrade-linux-image-4-4-0-243-generic ubuntu-upgrade-linux-image-4-4-0-243-lowlatency ubuntu-upgrade-linux-image-5-15-0-1020-gkeop ubuntu-upgrade-linux-image-5-15-0-1029-raspi ubuntu-upgrade-linux-image-5-15-0-1029-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1030-ibm ubuntu-upgrade-linux-image-5-15-0-1030-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1033-gke ubuntu-upgrade-linux-image-5-15-0-1033-kvm ubuntu-upgrade-linux-image-5-15-0-1034-gcp ubuntu-upgrade-linux-image-5-15-0-1035-oracle ubuntu-upgrade-linux-image-5-15-0-1036-aws ubuntu-upgrade-linux-image-5-15-0-1038-azure ubuntu-upgrade-linux-image-5-15-0-1038-azure-fde ubuntu-upgrade-linux-image-5-15-0-72-generic ubuntu-upgrade-linux-image-5-15-0-72-generic-64k ubuntu-upgrade-linux-image-5-15-0-72-generic-lpae ubuntu-upgrade-linux-image-5-15-0-72-lowlatency ubuntu-upgrade-linux-image-5-15-0-72-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1018-raspi ubuntu-upgrade-linux-image-5-19-0-1018-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1022-ibm ubuntu-upgrade-linux-image-5-19-0-1023-kvm ubuntu-upgrade-linux-image-5-19-0-1023-oracle ubuntu-upgrade-linux-image-5-19-0-1024-gcp ubuntu-upgrade-linux-image-5-19-0-1024-lowlatency ubuntu-upgrade-linux-image-5-19-0-1024-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1025-aws ubuntu-upgrade-linux-image-5-19-0-1026-azure ubuntu-upgrade-linux-image-5-19-0-42-generic ubuntu-upgrade-linux-image-5-19-0-42-generic-64k ubuntu-upgrade-linux-image-5-19-0-42-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1017-iot ubuntu-upgrade-linux-image-5-4-0-1024-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1049-ibm ubuntu-upgrade-linux-image-5-4-0-1064-bluefield ubuntu-upgrade-linux-image-5-4-0-1069-gkeop ubuntu-upgrade-linux-image-5-4-0-1085-raspi ubuntu-upgrade-linux-image-5-4-0-1091-kvm ubuntu-upgrade-linux-image-5-4-0-1099-gke ubuntu-upgrade-linux-image-5-4-0-1101-oracle ubuntu-upgrade-linux-image-5-4-0-1102-aws ubuntu-upgrade-linux-image-5-4-0-1103-aws ubuntu-upgrade-linux-image-5-4-0-1105-gcp ubuntu-upgrade-linux-image-5-4-0-1108-azure ubuntu-upgrade-linux-image-5-4-0-149-generic ubuntu-upgrade-linux-image-5-4-0-149-generic-lpae ubuntu-upgrade-linux-image-5-4-0-149-lowlatency ubuntu-upgrade-linux-image-6-0-0-1021-oem ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-2162 CVE - 2023-2162 USN-6079-1 USN-6080-1 USN-6081-1 USN-6084-1 USN-6085-1 USN-6090-1 USN-6091-1 USN-6092-1 USN-6094-1 USN-6095-1 USN-6096-1 USN-6109-1 USN-6118-1 USN-6132-1 USN-6133-1 USN-6134-1 USN-6222-1 USN-6254-1 USN-6256-1 USN-6385-1 View more

Alma Linux: CVE-2023-2166: Important: kernel security update (ALSA-2024-0897) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/19/2023 Created 02/24/2024 Added 02/23/2024 Modified 01/28/2025 Description A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-2166 CVE - 2023-2166 https://errata.almalinux.org/8/ALSA-2024-0897.html

Alma Linux: CVE-2023-1382: Important: kernel security, bug fix, and enhancement update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 04/19/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-64k alma-upgrade-kernel-64k-core alma-upgrade-kernel-64k-debug alma-upgrade-kernel-64k-debug-core alma-upgrade-kernel-64k-debug-devel alma-upgrade-kernel-64k-debug-devel-matched alma-upgrade-kernel-64k-debug-modules alma-upgrade-kernel-64k-debug-modules-core alma-upgrade-kernel-64k-debug-modules-extra alma-upgrade-kernel-64k-devel alma-upgrade-kernel-64k-devel-matched alma-upgrade-kernel-64k-modules alma-upgrade-kernel-64k-modules-core alma-upgrade-kernel-64k-modules-extra alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-core alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-debug-uki-virt alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-core alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-core alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-core alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-uki-virt alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-core alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf alma-upgrade-rtla References https://attackerkb.com/topics/cve-2023-1382 CVE - 2023-1382 https://errata.almalinux.org/8/ALSA-2023-7077.html https://errata.almalinux.org/9/ALSA-2023-2148.html https://errata.almalinux.org/9/ALSA-2023-2458.html

Rocky Linux: CVE-2023-27043: python39-3.9-and-python39-devel-3.9 (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 04/19/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python. Solution(s) rocky-upgrade-cython-debugsource rocky-upgrade-numpy-debugsource rocky-upgrade-platform-python rocky-upgrade-platform-python-debug rocky-upgrade-platform-python-devel rocky-upgrade-python-cffi-debugsource rocky-upgrade-python-cryptography-debugsource rocky-upgrade-python-lxml-debugsource rocky-upgrade-python-psutil-debugsource rocky-upgrade-python-psycopg2-debugsource rocky-upgrade-python3-debuginfo rocky-upgrade-python3-debugsource rocky-upgrade-python3-idle rocky-upgrade-python3-libs rocky-upgrade-python3-test rocky-upgrade-python3-tkinter rocky-upgrade-python39-cffi rocky-upgrade-python39-cffi-debuginfo rocky-upgrade-python39-cryptography rocky-upgrade-python39-cryptography-debuginfo rocky-upgrade-python39-cython rocky-upgrade-python39-cython-debuginfo rocky-upgrade-python39-lxml rocky-upgrade-python39-lxml-debuginfo rocky-upgrade-python39-mod_wsgi rocky-upgrade-python39-numpy rocky-upgrade-python39-numpy-debuginfo rocky-upgrade-python39-numpy-f2py rocky-upgrade-python39-psutil rocky-upgrade-python39-psutil-debuginfo rocky-upgrade-python39-psycopg2 rocky-upgrade-python39-psycopg2-debuginfo rocky-upgrade-python39-psycopg2-doc rocky-upgrade-python39-psycopg2-tests rocky-upgrade-python39-pybind11 rocky-upgrade-python39-pybind11-devel rocky-upgrade-python39-pyyaml rocky-upgrade-python39-pyyaml-debuginfo rocky-upgrade-python39-scipy rocky-upgrade-python39-scipy-debuginfo rocky-upgrade-pyyaml-debugsource rocky-upgrade-scipy-debugsource References https://attackerkb.com/topics/cve-2023-27043 CVE - 2023-27043 https://errata.rockylinux.org/RLSA-2024:0256 https://errata.rockylinux.org/RLSA-2024:2985

Oracle Linux: CVE-2023-2163: ELSA-2023-7549:kernel security and bug fix update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 04/19/2023 Created 12/05/2023 Added 12/02/2023 Modified 11/29/2024 Description Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. An incorrect verifier pruning flaw was found in BPF in the Linux Kernel that may lead to unsafe code paths incorrectly marked as safe, resulting in arbitrary read/writes in kernel memory, lateral privilege escalation, and container escape. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-2163 CVE - 2023-2163 ELSA-2023-7549

Amazon Linux AMI 2: CVE-2023-2162: Security patch for kernel (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 04/19/2023 Created 05/05/2023 Added 05/02/2023 Modified 01/28/2025 Description A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-309-231-529 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-173-154-642 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-2162 AL2/ALAS-2023-1987 AL2/ALASKERNEL-5.10-2023-028 AL2/ALASKERNEL-5.4-2023-043 CVE - 2023-2162

FreeBSD: VID-90C48C04-D549-4FC0-A503-4775E32D438E (CVE-2023-2136): chromium -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/19/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/28/2025 Description Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-ungoogled-chromium References CVE-2023-2136

Red Hat: CVE-2023-28327: denial of service problem in net/unix/diag.c (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/19/2023 Created 10/11/2023 Added 10/11/2023 Modified 01/28/2025 Description A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-28327 RHSA-2023:5603 RHSA-2023:5604

Huawei EulerOS: CVE-2023-27043: python3 security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 04/19/2023 Created 01/15/2025 Added 01/14/2025 Modified 01/28/2025 Description The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python. Solution(s) huawei-euleros-2_0_sp10-upgrade-python3 huawei-euleros-2_0_sp10-upgrade-python3-fgo huawei-euleros-2_0_sp10-upgrade-python3-unversioned-command References https://attackerkb.com/topics/cve-2023-27043 CVE - 2023-27043 EulerOS-SA-2025-1027

Google Chrome Vulnerability: CVE-2023-2135 Use after free in DevTools Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 04/19/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/28/2025 Description Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-2135 CVE - 2023-2135 https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html

Huawei EulerOS: CVE-2023-2162: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 04/19/2023 Created 07/18/2023 Added 07/18/2023 Modified 01/28/2025 Description A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information. Solution(s) huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs huawei-euleros-2_0_sp10-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-2162 CVE - 2023-2162 EulerOS-SA-2023-2383

Amazon Linux 2023: CVE-2023-27043: Medium priority package update for python3.11 (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 04/19/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python. Solution(s) amazon-linux-2023-upgrade-python3 amazon-linux-2023-upgrade-python3-11 amazon-linux-2023-upgrade-python3-11-debug amazon-linux-2023-upgrade-python3-11-debuginfo amazon-linux-2023-upgrade-python3-11-debugsource amazon-linux-2023-upgrade-python3-11-devel amazon-linux-2023-upgrade-python3-11-idle amazon-linux-2023-upgrade-python3-11-libs amazon-linux-2023-upgrade-python3-11-test amazon-linux-2023-upgrade-python3-11-tkinter amazon-linux-2023-upgrade-python3-9-debuginfo amazon-linux-2023-upgrade-python3-9-debugsource amazon-linux-2023-upgrade-python3-debug amazon-linux-2023-upgrade-python3-devel amazon-linux-2023-upgrade-python3-idle amazon-linux-2023-upgrade-python3-libs amazon-linux-2023-upgrade-python3-test amazon-linux-2023-upgrade-python3-tkinter amazon-linux-2023-upgrade-python-unversioned-command References https://attackerkb.com/topics/cve-2023-27043 CVE - 2023-27043 https://alas.aws.amazon.com/AL2023/ALAS-2023-252.html https://alas.aws.amazon.com/AL2023/ALAS-2024-788.html https://alas.aws.amazon.com/AL2023/ALAS-2024-790.html

FreeBSD: VID-90C48C04-D549-4FC0-A503-4775E32D438E (CVE-2023-2137): chromium -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/19/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/28/2025 Description Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-ungoogled-chromium References CVE-2023-2137

SUSE: CVE-2022-2084: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 04/19/2023 Created 06/27/2023 Added 06/26/2023 Modified 01/28/2025 Description Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords. Solution(s) suse-upgrade-cloud-init suse-upgrade-cloud-init-config-suse suse-upgrade-cloud-init-doc References https://attackerkb.com/topics/cve-2022-2084 CVE - 2022-2084

SUSE: CVE-2023-27043: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 04/19/2023 Created 10/27/2023 Added 10/27/2023 Modified 01/28/2025 Description The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python. Solution(s) suse-upgrade-libpython2_7-1_0 suse-upgrade-libpython2_7-1_0-32bit suse-upgrade-libpython3_10-1_0 suse-upgrade-libpython3_10-1_0-32bit suse-upgrade-libpython3_11-1_0 suse-upgrade-libpython3_11-1_0-32bit suse-upgrade-libpython3_4m1_0 suse-upgrade-libpython3_4m1_0-32bit suse-upgrade-libpython3_6m1_0 suse-upgrade-libpython3_6m1_0-32bit suse-upgrade-libpython3_9-1_0 suse-upgrade-libpython3_9-1_0-32bit suse-upgrade-python suse-upgrade-python-32bit suse-upgrade-python-base suse-upgrade-python-base-32bit suse-upgrade-python-curses suse-upgrade-python-demo suse-upgrade-python-devel suse-upgrade-python-doc suse-upgrade-python-doc-pdf suse-upgrade-python-gdbm suse-upgrade-python-idle suse-upgrade-python-tk suse-upgrade-python-xml suse-upgrade-python3 suse-upgrade-python3-base suse-upgrade-python3-curses suse-upgrade-python3-dbm suse-upgrade-python3-devel suse-upgrade-python3-doc suse-upgrade-python3-doc-devhelp suse-upgrade-python3-idle suse-upgrade-python3-testsuite suse-upgrade-python3-tk suse-upgrade-python3-tools suse-upgrade-python310 suse-upgrade-python310-32bit suse-upgrade-python310-base suse-upgrade-python310-base-32bit suse-upgrade-python310-curses suse-upgrade-python310-dbm suse-upgrade-python310-devel suse-upgrade-python310-doc suse-upgrade-python310-doc-devhelp suse-upgrade-python310-idle suse-upgrade-python310-testsuite suse-upgrade-python310-tk suse-upgrade-python310-tools suse-upgrade-python311 suse-upgrade-python311-32bit suse-upgrade-python311-base suse-upgrade-python311-base-32bit suse-upgrade-python311-curses suse-upgrade-python311-dbm suse-upgrade-python311-devel suse-upgrade-python311-doc suse-upgrade-python311-doc-devhelp suse-upgrade-python311-idle suse-upgrade-python311-testsuite suse-upgrade-python311-tk suse-upgrade-python311-tools suse-upgrade-python36 suse-upgrade-python36-base suse-upgrade-python36-devel suse-upgrade-python39 suse-upgrade-python39-32bit suse-upgrade-python39-base suse-upgrade-python39-base-32bit suse-upgrade-python39-curses suse-upgrade-python39-dbm suse-upgrade-python39-devel suse-upgrade-python39-doc suse-upgrade-python39-doc-devhelp suse-upgrade-python39-idle suse-upgrade-python39-testsuite suse-upgrade-python39-tk suse-upgrade-python39-tools References https://attackerkb.com/topics/cve-2023-27043 CVE - 2023-27043

Oracle Linux: CVE-2023-27043: ELSA-2024-0256:python3 security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 04/19/2023 Created 01/18/2024 Added 01/16/2024 Modified 01/08/2025 Description The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python. Solution(s) oracle-linux-upgrade-platform-python oracle-linux-upgrade-platform-python-debug oracle-linux-upgrade-platform-python-devel oracle-linux-upgrade-python3 oracle-linux-upgrade-python3-11 oracle-linux-upgrade-python3-11-debug oracle-linux-upgrade-python3-11-devel oracle-linux-upgrade-python3-11-idle oracle-linux-upgrade-python3-11-libs oracle-linux-upgrade-python3-11-rpm-macros oracle-linux-upgrade-python3-11-test oracle-linux-upgrade-python3-11-tkinter oracle-linux-upgrade-python39 oracle-linux-upgrade-python39-attrs oracle-linux-upgrade-python39-cffi oracle-linux-upgrade-python39-chardet oracle-linux-upgrade-python39-cryptography oracle-linux-upgrade-python39-cython oracle-linux-upgrade-python39-debug oracle-linux-upgrade-python39-devel oracle-linux-upgrade-python39-idle oracle-linux-upgrade-python39-idna oracle-linux-upgrade-python39-iniconfig oracle-linux-upgrade-python39-libs oracle-linux-upgrade-python39-lxml oracle-linux-upgrade-python39-mod-wsgi oracle-linux-upgrade-python39-more-itertools oracle-linux-upgrade-python39-numpy oracle-linux-upgrade-python39-numpy-doc oracle-linux-upgrade-python39-numpy-f2py oracle-linux-upgrade-python39-packaging oracle-linux-upgrade-python39-pip oracle-linux-upgrade-python39-pip-wheel oracle-linux-upgrade-python39-pluggy oracle-linux-upgrade-python39-ply oracle-linux-upgrade-python39-psutil oracle-linux-upgrade-python39-psycopg2 oracle-linux-upgrade-python39-psycopg2-doc oracle-linux-upgrade-python39-psycopg2-tests oracle-linux-upgrade-python39-py oracle-linux-upgrade-python39-pybind11 oracle-linux-upgrade-python39-pybind11-devel oracle-linux-upgrade-python39-pycparser oracle-linux-upgrade-python39-pymysql oracle-linux-upgrade-python39-pyparsing oracle-linux-upgrade-python39-pysocks oracle-linux-upgrade-python39-pytest oracle-linux-upgrade-python39-pyyaml oracle-linux-upgrade-python39-requests oracle-linux-upgrade-python39-rpm-macros oracle-linux-upgrade-python39-scipy oracle-linux-upgrade-python39-setuptools oracle-linux-upgrade-python39-setuptools-wheel oracle-linux-upgrade-python39-six oracle-linux-upgrade-python39-test oracle-linux-upgrade-python39-tkinter oracle-linux-upgrade-python39-toml oracle-linux-upgrade-python39-urllib3 oracle-linux-upgrade-python39-wcwidth oracle-linux-upgrade-python39-wheel oracle-linux-upgrade-python39-wheel-wheel oracle-linux-upgrade-python3-debug oracle-linux-upgrade-python3-devel oracle-linux-upgrade-python3-idle oracle-linux-upgrade-python3-libs oracle-linux-upgrade-python3-test oracle-linux-upgrade-python3-tkinter oracle-linux-upgrade-python-unversioned-command References https://attackerkb.com/topics/cve-2023-27043 CVE - 2023-27043 ELSA-2024-0256 ELSA-2024-0466 ELSA-2024-3062 ELSA-2024-2292 ELSA-2024-2985

SUSE: CVE-2023-2166: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/19/2023 Created 08/15/2023 Added 08/15/2023 Modified 01/28/2025 Description A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2023-2166 CVE - 2023-2166

Gentoo Linux: CVE-2023-2137: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/19/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/28/2025 Description Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-chromium-bin gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-2137 CVE - 2023-2137 202309-17

Gentoo Linux: CVE-2023-2136: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/19/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/28/2025 Description Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) Solution(s) gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-chromium-bin gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-2136 CVE - 2023-2136 202309-17

Gentoo Linux: CVE-2023-2133: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/19/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/28/2025 Description Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-chromium-bin gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-2133 CVE - 2023-2133 202309-17

Gentoo Linux: CVE-2023-2135: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 04/19/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/28/2025 Description Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-chromium-bin gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-2135 CVE - 2023-2135 202309-17

Ubuntu: USN-6031-1 (CVE-2022-21505): Linux kernel (OEM) vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 04/19/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/30/2025 Description In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Secure Boot is enabled, but this does not cover cases where lockdown is used without Secure Boot. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity, Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). Solution(s) ubuntu-upgrade-linux-image-5-17-0-1030-oem ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a References https://attackerkb.com/topics/cve-2022-21505 CVE - 2022-21505 USN-6031-1