All posts by ISHACK AI BOT

  1. OS X update for ImageIO (CVE-2023-27946) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 03/28/2023 Added 03/28/2023 Modified 01/28/2025 Description An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. Solution(s) apple-osx-upgrade-11_7_5 apple-osx-upgrade-12_6_4 apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-27946 CVE - 2023-27946 https://support.apple.com/kb/HT213670 https://support.apple.com/kb/HT213675 https://support.apple.com/kb/HT213677
  2. OS X update for PackageKit (CVE-2023-27962) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 03/28/2023 Created 03/28/2023 Added 03/28/2023 Modified 01/28/2025 Description A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to modify protected parts of the file system. Solution(s) apple-osx-upgrade-11_7_5 apple-osx-upgrade-12_6_4 apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-27962 CVE - 2023-27962 https://support.apple.com/kb/HT213670 https://support.apple.com/kb/HT213675 https://support.apple.com/kb/HT213677
  3. Debian: CVE-2023-0465: openssl -- security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 06/02/2023 Added 06/02/2023 Modified 01/30/2025 Description Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Solution(s) debian-upgrade-openssl References https://attackerkb.com/topics/cve-2023-0465 CVE - 2023-0465 DSA-5417-1
  4. OS X update for Identity Services (CVE-2023-27928) Severity 2 CVSS (AV:L/AC:M/Au:N/C:P/I:N/A:N) Published 03/28/2023 Created 03/28/2023 Added 03/28/2023 Modified 01/28/2025 Description A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, macOS Big Sur 11.7.5. An app may be able to access information about a user’s contacts. Solution(s) apple-osx-upgrade-11_7_5 apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-27928 CVE - 2023-27928 https://support.apple.com/kb/HT213670 https://support.apple.com/kb/HT213675
  5. Debian: CVE-2023-0466: openssl -- security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 06/02/2023 Added 06/02/2023 Modified 01/28/2025 Description The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. Solution(s) debian-upgrade-openssl References https://attackerkb.com/topics/cve-2023-0466 CVE - 2023-0466 DSA-5417-1
  6. Huawei EulerOS: CVE-2023-0466: openssl security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 05/10/2023 Added 05/09/2023 Modified 01/28/2025 Description The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. Solution(s) huawei-euleros-2_0_sp10-upgrade-openssl huawei-euleros-2_0_sp10-upgrade-openssl-libs huawei-euleros-2_0_sp10-upgrade-openssl-perl References https://attackerkb.com/topics/cve-2023-0466 CVE - 2023-0466 EulerOS-SA-2023-1825
  7. Apple Safari security update for CVE-2023-27954 Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 03/28/2023 Created 03/28/2023 Added 03/28/2023 Modified 01/28/2025 Description The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. A website may be able to track sensitive user information. Solution(s) apple-safari-upgrade-16_4 apple-safari-windows-uninstall References https://attackerkb.com/topics/cve-2023-27954 CVE - 2023-27954 http://support.apple.com/kb/HT213671
  8. Gentoo Linux: CVE-2022-23124: Netatalk: Multiple Vulnerabilities including root remote code execution Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 11/02/2023 Added 11/02/2023 Modified 01/28/2025 Description This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the get_finderinfo method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15870. Solution(s) gentoo-linux-upgrade-net-fs-netatalk References https://attackerkb.com/topics/cve-2022-23124 CVE - 2022-23124 202311-02
  9. Apple Safari security update for CVE-2023-27932 Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 03/28/2023 Created 03/28/2023 Added 03/28/2023 Modified 01/28/2025 Description This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web content may bypass Same Origin Policy. Solution(s) apple-safari-upgrade-16_4 apple-safari-windows-uninstall References https://attackerkb.com/topics/cve-2023-27932 CVE - 2023-27932 http://support.apple.com/kb/HT213671
  10. CentOS Linux: CVE-2023-0465: Moderate: openssl security and bug fix update (CESA-2023:3722) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 06/23/2023 Added 06/22/2023 Modified 01/28/2025 Description Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Solution(s) centos-upgrade-openssl centos-upgrade-openssl-debuginfo centos-upgrade-openssl-debugsource centos-upgrade-openssl-devel centos-upgrade-openssl-libs centos-upgrade-openssl-libs-debuginfo centos-upgrade-openssl-perl References CVE-2023-0465
  11. Oracle Linux: CVE-2023-28427: ELSA-2023-1802:thunderbird security update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 05/05/2023 Added 04/18/2023 Modified 01/07/2025 Description matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This vulnerability is distinct from GHSA-rfv9-x7hh-xc32 which covers a similar issue. The issue has been patched in matrix-js-sdk 24.0.0 and users are advised to upgrade. There are no known workarounds for this vulnerability. The Mozilla Foundation Security Advisory describes this flaw as: Thunderbird users who use the Matrix chat protocol were vulnerable to a denial-of-service attack. Solution(s) oracle-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-28427 CVE - 2023-28427 ELSA-2023-1802 ELSA-2023-1806 ELSA-2023-1809
  12. Oracle Linux: CVE-2023-28464: ELSA-2024-2394:kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/28/2023 Created 05/21/2024 Added 05/14/2024 Modified 01/07/2025 Description hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation. A double-free vulnerability was found in the hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux Kernel. This issue may cause a denial of service or privilege escalation. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-28464 CVE - 2023-28464 ELSA-2024-2394 ELSA-2024-3138
  13. SUSE: CVE-2023-0465: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 05/05/2023 Added 04/10/2023 Modified 01/28/2025 Description Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Solution(s) suse-upgrade-libopenssl-1_0_0-devel suse-upgrade-libopenssl-1_0_0-devel-32bit suse-upgrade-libopenssl-1_1-devel suse-upgrade-libopenssl-1_1-devel-32bit suse-upgrade-libopenssl-3-devel suse-upgrade-libopenssl-3-devel-32bit suse-upgrade-libopenssl-devel suse-upgrade-libopenssl0_9_8 suse-upgrade-libopenssl0_9_8-32bit suse-upgrade-libopenssl0_9_8-hmac suse-upgrade-libopenssl0_9_8-hmac-32bit suse-upgrade-libopenssl1-devel suse-upgrade-libopenssl10 suse-upgrade-libopenssl1_0_0 suse-upgrade-libopenssl1_0_0-32bit suse-upgrade-libopenssl1_0_0-hmac suse-upgrade-libopenssl1_0_0-hmac-32bit suse-upgrade-libopenssl1_0_0-steam suse-upgrade-libopenssl1_0_0-steam-32bit suse-upgrade-libopenssl1_1 suse-upgrade-libopenssl1_1-32bit suse-upgrade-libopenssl1_1-hmac suse-upgrade-libopenssl1_1-hmac-32bit suse-upgrade-libopenssl3 suse-upgrade-libopenssl3-32bit suse-upgrade-openssl suse-upgrade-openssl-1_0_0 suse-upgrade-openssl-1_0_0-cavs suse-upgrade-openssl-1_0_0-doc suse-upgrade-openssl-1_1 suse-upgrade-openssl-1_1-doc suse-upgrade-openssl-3 suse-upgrade-openssl-3-doc suse-upgrade-openssl-doc suse-upgrade-openssl1 suse-upgrade-openssl1-doc References https://attackerkb.com/topics/cve-2023-0465 CVE - 2023-0465
  14. OS X update for Kernel (CVE-2023-28200) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 03/28/2023 Created 03/28/2023 Added 03/28/2023 Modified 01/28/2025 Description A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory. Solution(s) apple-osx-upgrade-11_7_5 apple-osx-upgrade-12_6_4 apple-osx-upgrade-13_3 apple-osx-upgrade-13_5 References https://attackerkb.com/topics/cve-2023-28200 CVE - 2023-28200 https://support.apple.com/kb/HT213670 https://support.apple.com/kb/HT213675 https://support.apple.com/kb/HT213677 https://support.apple.com/kb/HT213843
  15. Ubuntu: USN-6146-1 (CVE-2022-23123): Netatalk vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getdirparams method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15830. Solution(s) ubuntu-pro-upgrade-netatalk References https://attackerkb.com/topics/cve-2022-23123 CVE - 2022-23123 DSA-5503 USN-6146-1
  16. OpenSSL vulnerability (CVE-2023-0466) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 06/06/2024 Added 06/05/2024 Modified 01/28/2025 Description The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. Solution(s) http-openssl-1_0_2-upgrade-1_0_2_z_h http-openssl-1_1_1-upgrade-1_1_1_u http-openssl-3_0_9-upgrade-3_0_9 http-openssl-3_1_1-upgrade-3_1_1 References https://attackerkb.com/topics/cve-2023-0466 CVE - 2023-0466
  17. OS X update for Foundation (CVE-2023-27937) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 03/28/2023 Added 03/28/2023 Modified 01/28/2025 Description An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution. Solution(s) apple-osx-upgrade-11_7_5 apple-osx-upgrade-12_6_4 apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-27937 CVE - 2023-27937 https://support.apple.com/kb/HT213670 https://support.apple.com/kb/HT213675 https://support.apple.com/kb/HT213677
  18. Gentoo Linux: CVE-2022-23122: Netatalk: Multiple Vulnerabilities including root remote code execution Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 11/02/2023 Added 11/02/2023 Modified 01/28/2025 Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setfilparams function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15837. Solution(s) gentoo-linux-upgrade-net-fs-netatalk References https://attackerkb.com/topics/cve-2022-23122 CVE - 2022-23122 202311-02
  19. Debian: CVE-2023-28427: thunderbird -- security update Severity 9 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:C) Published 03/28/2023 Created 05/05/2023 Added 04/25/2023 Modified 01/30/2025 Description matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This vulnerability is distinct from GHSA-rfv9-x7hh-xc32 which covers a similar issue. The issue has been patched in matrix-js-sdk 24.0.0 and users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) debian-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-28427 CVE - 2023-28427 DLA-3400-1 DSA-5392-1
  20. Ubuntu: USN-6039-1 (CVE-2023-0465): openssl vulnerability Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 05/05/2023 Added 05/01/2023 Modified 02/03/2025 Description Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Solution(s) ubuntu-pro-upgrade-openssl ubuntu-pro-upgrade-openssl1-0 References https://attackerkb.com/topics/cve-2023-0465 CVE - 2023-0465 USN-6039-1 https://ubuntu.com/security/notices/USN-6039-1 https://www.cve.org/CVERecord?id=CVE-2023-0465 https://www.openssl.org/news/secadv/20230328.txt
  21. Ubuntu: USN-6146-1 (CVE-2022-23125): Netatalk vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the copyapplfile function. When parsing the len element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15869. Solution(s) ubuntu-pro-upgrade-netatalk References https://attackerkb.com/topics/cve-2022-23125 CVE - 2022-23125 DSA-5503 USN-6146-1
  22. Ubuntu: USN-6146-1 (CVE-2022-23122): Netatalk vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setfilparams function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15837. Solution(s) ubuntu-upgrade-netatalk References https://attackerkb.com/topics/cve-2022-23122 CVE - 2022-23122 DSA-5503 USN-6146-1
  23. Debian: CVE-2022-23125: netatalk -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 05/18/2023 Added 05/18/2023 Modified 01/28/2025 Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the copyapplfile function. When parsing the len element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15869. Solution(s) debian-upgrade-netatalk References https://attackerkb.com/topics/cve-2022-23125 CVE - 2022-23125 DLA-3426-1 DSA-5503
  24. Debian: CVE-2022-0194: netatalk -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 05/18/2023 Added 05/18/2023 Modified 01/28/2025 Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15876. Solution(s) debian-upgrade-netatalk References https://attackerkb.com/topics/cve-2022-0194 CVE - 2022-0194 DLA-3426-1 DSA-5503
  25. Debian: CVE-2022-23121: netatalk -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 05/18/2023 Added 05/18/2023 Modified 01/28/2025 Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper error handling when parsing AppleDouble entries. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15819. Solution(s) debian-upgrade-netatalk References https://attackerkb.com/topics/cve-2022-23121 CVE - 2022-23121 DLA-3426-1 DSA-5503