All posts by ISHACK AI BOT

  1. Oracle Linux: CVE-2023-0466: ELSA-2023-12768:openssl security update (IMPORTANT) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 06/23/2023 Added 06/22/2023 Modified 01/07/2025 Description The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. A flaw was found in OpenSSL. The X509_VERIFY_PARAM_add0_policy() function is documented to enable the certificate policy check when doing certificate verification implicitly. However, implementing the function does not enable the check, allowing certificates with invalid or incorrect policies to pass the certificate verification. Suddenly enabling the policy check could break existing deployments, so it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. The applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. 
     Solution(s) oracle-linux-upgrade-openssl oracle-linux-upgrade-openssl-devel oracle-linux-upgrade-openssl-libs oracle-linux-upgrade-openssl-perl References https://attackerkb.com/topics/cve-2023-0466 CVE - 2023-0466 ELSA-2023-12768 ELSA-2023-3722
  2. Red Hat: CVE-2023-0466: Certificate policy check not enabled (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 06/23/2023 Added 06/22/2023 Modified 01/28/2025 Description The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. Solution(s) redhat-upgrade-openssl redhat-upgrade-openssl-debuginfo redhat-upgrade-openssl-debugsource redhat-upgrade-openssl-devel redhat-upgrade-openssl-libs redhat-upgrade-openssl-libs-debuginfo redhat-upgrade-openssl-perl References CVE-2023-0466 RHSA-2023:3722
  3. Rapid7 Insight Agent: CVE-2023-0465: Improper Certificate Validation Severity 1 CVSS (AV:L/AC:H/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 03/20/2024 Added 03/19/2024 Modified 04/23/2024 Description Rapid7 Insight Agent versions below 4.0.6.14 suffer from an Improper Certificate Validation vulnerability. Solution(s) rapid7-insightagent-upgrade-4_0_6_14 References https://attackerkb.com/topics/cve-2023-0465 CVE - 2023-0465 https://docs.rapid7.com/release-notes/insightagent/20240314/
  4. SUSE: CVE-2023-0466: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 05/05/2023 Added 04/10/2023 Modified 01/28/2025 Description The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. 
     Solution(s) suse-upgrade-libopenssl-1_0_0-devel suse-upgrade-libopenssl-1_0_0-devel-32bit suse-upgrade-libopenssl-1_1-devel suse-upgrade-libopenssl-1_1-devel-32bit suse-upgrade-libopenssl-3-devel suse-upgrade-libopenssl-3-devel-32bit suse-upgrade-libopenssl-devel suse-upgrade-libopenssl1-devel suse-upgrade-libopenssl10 suse-upgrade-libopenssl1_0_0 suse-upgrade-libopenssl1_0_0-32bit suse-upgrade-libopenssl1_0_0-hmac suse-upgrade-libopenssl1_0_0-hmac-32bit suse-upgrade-libopenssl1_0_0-steam suse-upgrade-libopenssl1_0_0-steam-32bit suse-upgrade-libopenssl1_1 suse-upgrade-libopenssl1_1-32bit suse-upgrade-libopenssl1_1-hmac suse-upgrade-libopenssl1_1-hmac-32bit suse-upgrade-libopenssl3 suse-upgrade-libopenssl3-32bit suse-upgrade-openssl suse-upgrade-openssl-1_0_0 suse-upgrade-openssl-1_0_0-cavs suse-upgrade-openssl-1_0_0-doc suse-upgrade-openssl-1_1 suse-upgrade-openssl-1_1-doc suse-upgrade-openssl-3 suse-upgrade-openssl-3-doc suse-upgrade-openssl-doc suse-upgrade-openssl1 suse-upgrade-openssl1-doc References https://attackerkb.com/topics/cve-2023-0466 CVE - 2023-0466
  5. Alpine Linux: CVE-2022-23125: Out-of-bounds Write Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/01/2024 Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the copyapplfile function. When parsing the len element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15869. Solution(s) alpine-linux-upgrade-netatalk References https://attackerkb.com/topics/cve-2022-23125 CVE - 2022-23125 https://security.alpinelinux.org/vuln/CVE-2022-23125
  6. Alpine Linux: CVE-2022-23123: Out-of-bounds Read Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getdirparams method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15830. Solution(s) alpine-linux-upgrade-netatalk References https://attackerkb.com/topics/cve-2022-23123 CVE - 2022-23123 https://security.alpinelinux.org/vuln/CVE-2022-23123
  7. Huawei EulerOS: CVE-2023-0465: shim security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 07/10/2023 Added 07/10/2023 Modified 01/30/2025 Description Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Solution(s) huawei-euleros-2_0_sp9-upgrade-shim huawei-euleros-2_0_sp9-upgrade-shim-aa64-storage References https://attackerkb.com/topics/cve-2023-0465 CVE - 2023-0465 EulerOS-SA-2023-2344
  8. Huawei EulerOS: CVE-2023-0466: openssl security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 07/10/2023 Added 07/10/2023 Modified 01/28/2025 Description The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. Solution(s) huawei-euleros-2_0_sp9-upgrade-openssl huawei-euleros-2_0_sp9-upgrade-openssl-libs huawei-euleros-2_0_sp9-upgrade-openssl-perl References https://attackerkb.com/topics/cve-2023-0466 CVE - 2023-0466 EulerOS-SA-2023-2337
  9. OS X update for Sandbox (CVE-2023-28178) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 03/28/2023 Created 03/28/2023 Added 03/28/2023 Modified 01/28/2025 Description A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app may be able to bypass Privacy preferences. Solution(s) apple-osx-upgrade-12_6_4 apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-28178 CVE - 2023-28178 https://support.apple.com/kb/HT213670 https://support.apple.com/kb/HT213677
  10. Rocky Linux: CVE-2022-36059: thunderbird (RLSA-2022-6708) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 03/13/2024 Added 03/12/2024 Modified 01/30/2025 Description matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This issue has been fixed in matrix-js-sdk 19.4.0 and users are advised to upgrade. Users unable to upgrade may mitigate this issue by redacting applicable events, waiting for the sync processor to store data, and restarting the client. Alternatively, redacting the applicable events and clearing all storage will often fix most perceived issues. In some cases, no workarounds are possible. Solution(s) rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2022-36059 CVE - 2022-36059 https://errata.rockylinux.org/RLSA-2022:6708
  11. Alpine Linux: CVE-2022-23122: Out-of-bounds Write Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setfilparams function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15837. Solution(s) alpine-linux-upgrade-netatalk References https://attackerkb.com/topics/cve-2022-23122 CVE - 2022-23122 https://security.alpinelinux.org/vuln/CVE-2022-23122
  12. Alpine Linux: CVE-2022-36060: Prototype Pollution Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 03/28/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. Events sent with special strings in key places can temporarily disrupt or impede the matrix-react-sdk from functioning properly, such as by causing room or event tile crashes. The remainder of the application can appear functional, though certain rooms/events will not be rendered. This issue has been fixed in matrix-react-sdk 3.53.0 and users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) alpine-linux-upgrade-riot-web alpine-linux-upgrade-element-web References https://attackerkb.com/topics/cve-2022-36060 CVE - 2022-36060 https://security.alpinelinux.org/vuln/CVE-2022-36060
  13. Gentoo Linux: CVE-2022-23125: Netatalk: Multiple Vulnerabilities including root remote code execution Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 11/02/2023 Added 11/02/2023 Modified 01/28/2025 Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the copyapplfile function. When parsing the len element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15869. Solution(s) gentoo-linux-upgrade-net-fs-netatalk References https://attackerkb.com/topics/cve-2022-23125 CVE - 2022-23125 202311-02
  14. Microsoft Edge Chromium: CVE-2023-28286 Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 03/27/2023 Created 03/27/2023 Added 03/27/2023 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-28286 CVE - 2023-28286 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28286
  15. Amazon Linux AMI 2: CVE-2021-3923: Security patch for kernel (Multiple Advisories) Severity 1 CVSS (AV:L/AC:L/Au:M/C:P/I:N/A:N) Published 03/27/2023 Created 10/17/2023 Added 10/17/2023 Modified 01/30/2025 Description A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-262-200-489 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-93-87-444 amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-43-20-103 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2021-3923 AL2/ALAS-2022-1749 AL2/ALASKERNEL-5.10-2022-009 AL2/ALASKERNEL-5.15-2023-023 AL2/ALASKERNEL-5.4-2022-021 CVE - 2021-3923
  16. Huawei EulerOS: CVE-2021-3923: kernel security update Severity 1 CVSS (AV:L/AC:L/Au:M/C:P/I:N/A:N) Published 03/27/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/30/2025 Description A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms. Solution(s) huawei-euleros-2_0_sp5-upgrade-kernel huawei-euleros-2_0_sp5-upgrade-kernel-devel huawei-euleros-2_0_sp5-upgrade-kernel-headers huawei-euleros-2_0_sp5-upgrade-kernel-tools huawei-euleros-2_0_sp5-upgrade-kernel-tools-libs huawei-euleros-2_0_sp5-upgrade-perf huawei-euleros-2_0_sp5-upgrade-python-perf References https://attackerkb.com/topics/cve-2021-3923 CVE - 2021-3923 EulerOS-SA-2023-2152
  17. Amazon Linux AMI 2: CVE-2023-1076: Security patch for kernel (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:N) Published 03/27/2023 Created 07/09/2024 Added 07/09/2024 Modified 01/28/2025 Description A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAP_NET_ADMIN, it may not always be the case, e.g., a non-root user only having that capability. This would make tun/tap sockets being incorrectly treated in filtering/routing decisions, possibly bypassing network filters. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-173-154-642 amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-102-61-139 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-1076 AL2/ALASKERNEL-5.10-2023-028 AL2/ALASKERNEL-5.15-2023-015 AL2/ALASKERNEL-5.4-2023-043 CVE - 2023-1076
  18. Oracle WebLogic: CVE-2023-20860 : Critical Patch Update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 03/27/2023 Created 07/19/2023 Added 07/19/2023 Modified 01/30/2025 Description Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass. Solution(s) oracle-weblogic-jul-2023-cpu-12_2_1_4_0 oracle-weblogic-jul-2023-cpu-14_1_1_0_0 References https://attackerkb.com/topics/cve-2023-20860 CVE - 2023-20860 http://www.oracle.com/security-alerts/cpujul2023.html https://support.oracle.com/rs?type=doc&id=2958367.2
  19. Amazon Linux AMI 2: CVE-2023-1073: Security patch for kernel (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/27/2023 Created 02/08/2024 Added 02/07/2024 Modified 01/28/2025 Description A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-305-227-531 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-167-147-601 amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-93-55-139 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-1073 AL2/ALAS-2024-2448 AL2/ALASKERNEL-5.10-2023-027 AL2/ALASKERNEL-5.15-2024-037 AL2/ALASKERNEL-5.4-2023-042 CVE - 2023-1073
  20. VMware Photon OS: CVE-2023-28866 Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 03/27/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-28866 CVE - 2023-28866
  21. Huawei EulerOS: CVE-2023-1076: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:N) Published 03/27/2023 Created 05/18/2023 Added 05/18/2023 Modified 01/28/2025 Description A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAP_NET_ADMIN, it may not always be the case, e.g., a non-root user only having that capability. This would make tun/tap sockets being incorrectly treated in filtering/routing decisions, possibly bypassing network filters. Solution(s) huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs huawei-euleros-2_0_sp10-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-1076 CVE - 2023-1076 EulerOS-SA-2023-1978
  22. Huawei EulerOS: CVE-2021-3923: kernel security update Severity 1 CVSS (AV:L/AC:L/Au:M/C:P/I:N/A:N) Published 03/27/2023 Created 05/10/2023 Added 05/09/2023 Modified 01/30/2025 Description A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms. Solution(s) huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs huawei-euleros-2_0_sp10-upgrade-python3-perf References https://attackerkb.com/topics/cve-2021-3923 CVE - 2021-3923 EulerOS-SA-2023-1824
  23. Microsoft Edge Chromium: CVE-2023-28261 Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:P/A:N) Published 03/27/2023 Created 03/27/2023 Added 03/27/2023 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-28261 CVE - 2023-28261 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28261
  24. Oracle Linux: CVE-2023-28866: ELSA-2024-2394:kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 03/27/2023 Created 05/21/2024 Added 05/14/2024 Modified 11/29/2024 Description In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not. An out-of-bounds (OOB) memory access flaw was found in net/bluetooth/hci_sync.c due to a missing exit patch while in loop in amp_init1[] and amp_init2[]. This issue could allow an attacker to leak internal kernel information. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-28866 CVE - 2023-28866 ELSA-2024-2394
  25. Oracle Linux: CVE-2023-1380: ELSA-2023-12688: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 03/27/2023 Created 08/02/2023 Added 08/01/2023 Modified 01/23/2025 Description A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service. Solution(s) oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2023-1380 CVE - 2023-1380 ELSA-2023-12688