ISHACK AI BOT

Juniper Junos OS: 2023-04 Security Bulletin: Junos OS: JRR200: Kernel crash upon receipt of a specific packet (JSA70594) (CVE-2023-28970) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 04/12/2023 Created 05/05/2023 Added 04/13/2023 Modified 12/06/2023 Description An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing on the network interfaces of Juniper Networks Junos OS on JRR200 route reflector appliances allows an adjacent, network-based attacker sending a specific packet to the device to cause a kernel crash, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue can only be triggered by an attacker on the local broadcast domain. Packets routed to the device are unable to trigger this crash. This issue affects Juniper Networks Junos OS on JRR200: All versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S4; 21.4 versions prior to 21.4R3-S3; 22.1 versions prior to 22.1R3-S1; 22.2 versions prior to 22.2R2-S2, 22.2R3; 22.3 versions prior to 22.3R1-S2, 22.3R2; 22.4 versions prior to 22.4R1-S1, 22.4R2. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2023-28970 CVE - 2023-28970 JSA70594

OS X update for ImageIO (CVE-2023-27929) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 04/12/2023 Created 05/05/2023 Added 04/12/2023 Modified 01/28/2025 Description An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing a maliciously crafted image may result in disclosure of process memory. Solution(s) apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-27929 CVE - 2023-27929 https://support.apple.com/kb/HT213670

OS X update for iCloud (CVE-2023-23526) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 04/12/2023 Created 05/05/2023 Added 04/12/2023 Modified 01/28/2025 Description This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper. Solution(s) apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-23526 CVE - 2023-23526 https://support.apple.com/kb/HT213670

OS X update for Safari (CVE-2023-27952) Severity 4 CVSS (AV:L/AC:H/Au:N/C:N/I:C/A:N) Published 04/12/2023 Created 05/05/2023 Added 04/12/2023 Modified 01/28/2025 Description A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks. Solution(s) apple-osx-upgrade-13_3 apple-osx-upgrade-14_6 References https://attackerkb.com/topics/cve-2023-27952 CVE - 2023-27952 https://support.apple.com/en-us/120911 https://support.apple.com/kb/HT213670

OS X update for CoreCapture (CVE-2023-28181) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 04/12/2023 Created 05/05/2023 Added 04/12/2023 Modified 01/28/2025 Description The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.4, macOS Big Sur 11.7.7, tvOS 16.4, watchOS 9.4. An app may be able to execute arbitrary code with kernel privileges. Solution(s) apple-osx-upgrade-11_7_7 apple-osx-upgrade-12_6_4 apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-28181 CVE - 2023-28181 https://support.apple.com/kb/HT213670 https://support.apple.com/kb/HT213677 https://support.apple.com/kb/HT213760

FreeBSD: VID-96D6809A-81DF-46D4-87ED-2F78C79F06B1: zeek -- potential DoS vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/12/2023 Created 05/05/2023 Added 04/14/2023 Modified 04/14/2023 Description Tim Wojtulewicz of Corelight reports: Receiving DNS responses from async DNS requests (via A specially-crafted stream of FTP packets containing a command reply with many intermediate lines can cause Zeek to spend a large amount of time processing data. A specially-crafted set of packets containing extremely large file offsets cause cause the reassembler code to allocate large amounts of memory. The DNS manager does not correctly expire responses that don't contain any data, such those containing NXDOMAIN or NODATA status codes. This can lead to Zeek allocating large amounts of memory for these responses and never deallocating them. A specially-crafted stream of RDP packets can cause Zeek to spend large protocol validation. A specially-crafted stream of SMTP packets can cause Zeek to spend large amounts of time processing data. Solution(s) freebsd-upgrade-package-zeek

SUSE: CVE-2023-1993: SUSE Linux Security Advisory Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/12/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/28/2025 Description LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file Solution(s) suse-upgrade-libwireshark15 suse-upgrade-libwiretap12 suse-upgrade-libwsutil13 suse-upgrade-wireshark suse-upgrade-wireshark-devel suse-upgrade-wireshark-ui-qt References https://attackerkb.com/topics/cve-2023-1993 CVE - 2023-1993 DSA-5429

SUSE: CVE-2023-28488: SUSE Linux Security Advisory Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 04/12/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process. Solution(s) suse-upgrade-connman suse-upgrade-connman-client suse-upgrade-connman-devel suse-upgrade-connman-doc suse-upgrade-connman-nmcompat suse-upgrade-connman-plugin-hh2serial-gps suse-upgrade-connman-plugin-iospm suse-upgrade-connman-plugin-l2tp suse-upgrade-connman-plugin-openvpn suse-upgrade-connman-plugin-polkit suse-upgrade-connman-plugin-pptp suse-upgrade-connman-plugin-tist suse-upgrade-connman-plugin-vpnc suse-upgrade-connman-plugin-wireguard suse-upgrade-connman-test References https://attackerkb.com/topics/cve-2023-28488 CVE - 2023-28488 DSA-5416

Gentoo Linux: CVE-2022-48468: protobuf-c: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/13/2023 Created 08/14/2024 Added 08/13/2024 Modified 01/28/2025 Description protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member. Solution(s) gentoo-linux-upgrade-dev-libs-protobuf-c References https://attackerkb.com/topics/cve-2022-48468 CVE - 2022-48468 202408-33

Ubuntu: USN-6015-1 (CVE-2023-0547): Thunderbird vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 04/13/2023 Created 05/05/2023 Added 04/17/2023 Modified 01/28/2025 Description OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug. This vulnerability affects Thunderbird < 102.10. Solution(s) ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-0547 CVE - 2023-0547 USN-6015-1

VMware Photon OS: CVE-2022-48468 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/13/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-48468 CVE - 2022-48468

SUSE: CVE-2022-48468: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/13/2023 Created 05/05/2023 Added 04/26/2023 Modified 01/28/2025 Description protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member. Solution(s) suse-upgrade-libprotobuf-c-devel suse-upgrade-libprotobuf-c1 suse-upgrade-protobuf-c References https://attackerkb.com/topics/cve-2022-48468 CVE - 2022-48468

Rocky Linux: CVE-2023-30630: dmidecode (RLSA-2023-5061) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 04/13/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. Solution(s) rocky-upgrade-dmidecode rocky-upgrade-dmidecode-debuginfo rocky-upgrade-dmidecode-debugsource References https://attackerkb.com/topics/cve-2023-30630 CVE - 2023-30630 https://errata.rockylinux.org/RLSA-2023:5061

Alma Linux: CVE-2022-48468: Moderate: protobuf-c security update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/13/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member. Solution(s) alma-upgrade-protobuf-c alma-upgrade-protobuf-c-compiler alma-upgrade-protobuf-c-devel References https://attackerkb.com/topics/cve-2022-48468 CVE - 2022-48468 https://errata.almalinux.org/8/ALSA-2023-6944.html https://errata.almalinux.org/9/ALSA-2023-6621.html

Amazon Linux AMI 2: CVE-2023-30630: Security patch for dmidecode (ALAS-2024-2395) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 04/13/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. Solution(s) amazon-linux-ami-2-upgrade-dmidecode amazon-linux-ami-2-upgrade-dmidecode-debuginfo References https://attackerkb.com/topics/cve-2023-30630 AL2/ALAS-2024-2395 CVE - 2023-30630

CentOS Linux: CVE-2022-48468: Moderate: protobuf-c security update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/13/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member. Solution(s) centos-upgrade-protobuf-c centos-upgrade-protobuf-c-compiler centos-upgrade-protobuf-c-compiler-debuginfo centos-upgrade-protobuf-c-debuginfo centos-upgrade-protobuf-c-debugsource centos-upgrade-protobuf-c-devel References CVE-2022-48468

Red Hat: CVE-2023-30630: dump-bin to overwrite a local file (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 04/13/2023 Created 09/13/2023 Added 09/13/2023 Modified 01/28/2025 Description Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. Solution(s) redhat-upgrade-dmidecode redhat-upgrade-dmidecode-debuginfo redhat-upgrade-dmidecode-debugsource References CVE-2023-30630 RHSA-2023:5061 RHSA-2023:5252

Amazon Linux 2023: CVE-2023-2019: Important priority package update for kernel Severity 4 CVSS (AV:L/AC:H/Au:M/C:N/I:N/A:C) Published 04/13/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A flaw was found in the Linux kernel&apos;s netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system. A flaw was found in the Linux kernel&apos;s netdevsim device driver within the scheduling of events. This issue results from improper management of a reference count. This flaw allows an attacker to create a denial of service condition on the system. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-10-15-42 amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-2019 CVE - 2023-2019 https://alas.aws.amazon.com/AL2023/ALAS-2023-070.html

Amazon Linux 2023: CVE-2023-30630: Medium priority package update for dmidecode Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 04/13/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. A vulnerability was found in dmidecode, which allows -dump-bin to overwrite a local file. This issue may lead to the execution of dmidecode via Sudo. Solution(s) amazon-linux-2023-upgrade-dmidecode amazon-linux-2023-upgrade-dmidecode-debuginfo amazon-linux-2023-upgrade-dmidecode-debugsource References https://attackerkb.com/topics/cve-2023-30630 CVE - 2023-30630 https://alas.aws.amazon.com/AL2023/ALAS-2023-328.html

Amazon Linux 2023: CVE-2023-31436: Medium priority package update for kernel Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 04/13/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. An out-of-bounds memory access flaw was found in the Linux kernel’s traffic control (QoS) subsystem in how a user triggers the qfq_change_class function with an incorrect MTU value of the network device used as lmax. This flaw allows a local user to crash or potentially escalate their privileges on the system. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-27-43-48 amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-31436 CVE - 2023-31436 https://alas.aws.amazon.com/AL2023/ALAS-2023-179.html

Huawei EulerOS: CVE-2023-30630: dmidecode security update Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 04/13/2023 Created 07/10/2023 Added 07/10/2023 Modified 01/28/2025 Description Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. Solution(s) huawei-euleros-2_0_sp9-upgrade-dmidecode References https://attackerkb.com/topics/cve-2023-30630 CVE - 2023-30630 EulerOS-SA-2023-2329

Ubuntu: (Multiple Advisories) (CVE-2023-29541): Firefox vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/12/2023 Created 05/05/2023 Added 04/17/2023 Modified 01/28/2025 Description Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be interpreted to run attacker-controlled commands. <br>*This bug only affects Firefox for Linux on certain Distributions. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.*. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-29541 CVE - 2023-29541 USN-6010-1 USN-6010-2 USN-6010-3 USN-6015-1

Ubuntu: (Multiple Advisories) (CVE-2023-29535): Firefox vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/12/2023 Created 05/05/2023 Added 04/17/2023 Modified 01/28/2025 Description Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-libmozjs-102-0 ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-29535 CVE - 2023-29535 USN-6010-1 USN-6010-2 USN-6010-3 USN-6015-1 USN-6120-1

Ubuntu: (Multiple Advisories) (CVE-2023-29551): Firefox vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/12/2023 Created 05/05/2023 Added 04/17/2023 Modified 01/28/2025 Description Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112. Solution(s) ubuntu-upgrade-firefox References https://attackerkb.com/topics/cve-2023-29551 CVE - 2023-29551 USN-6010-1 USN-6010-2 USN-6010-3

Ubuntu: (Multiple Advisories) (CVE-2023-29544): Firefox vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/12/2023 Created 05/05/2023 Added 04/17/2023 Modified 01/28/2025 Description If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112. Solution(s) ubuntu-upgrade-firefox References https://attackerkb.com/topics/cve-2023-29544 CVE - 2023-29544 USN-6010-1 USN-6010-2 USN-6010-3