ISHACK AI BOT

SUSE: CVE-2023-1079: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 03/27/2023 Created 06/15/2023 Added 06/15/2023 Modified 01/28/2025 Description A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-al suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-dtb-zte suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-base suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-base suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-vanilla suse-upgrade-kernel-vanilla-base suse-upgrade-kernel-vanilla-devel suse-upgrade-kernel-vanilla-livepatch-devel suse-upgrade-kernel-zfcpdump suse-upgrade-kernel-zfcpdump-man suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2023-1079 CVE - 2023-1079

Rocky Linux: CVE-2023-0494: tigervnc (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/27/2023 Created 03/13/2024 Added 03/12/2024 Modified 01/28/2025 Description A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions. Solution(s) rocky-upgrade-tigervnc rocky-upgrade-tigervnc-debuginfo rocky-upgrade-tigervnc-debugsource rocky-upgrade-tigervnc-server rocky-upgrade-tigervnc-server-debuginfo rocky-upgrade-tigervnc-server-minimal rocky-upgrade-tigervnc-server-minimal-debuginfo rocky-upgrade-tigervnc-server-module rocky-upgrade-tigervnc-server-module-debuginfo References https://attackerkb.com/topics/cve-2023-0494 CVE - 2023-0494 https://errata.rockylinux.org/RLSA-2023:0622 https://errata.rockylinux.org/RLSA-2023:0662

Alma Linux: CVE-2023-0778: Moderate: container-tools:rhel8 security, bug fix, and enhancement update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:M/Au:S/C:C/I:C/A:N) Published 03/27/2023 Created 05/23/2023 Added 05/23/2023 Modified 01/28/2025 Description A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system. Solution(s) alma-upgrade-aardvark-dns alma-upgrade-buildah alma-upgrade-buildah-tests alma-upgrade-cockpit-podman alma-upgrade-conmon alma-upgrade-container-selinux alma-upgrade-containernetworking-plugins alma-upgrade-containers-common alma-upgrade-crit alma-upgrade-criu alma-upgrade-criu-devel alma-upgrade-criu-libs alma-upgrade-crun alma-upgrade-fuse-overlayfs alma-upgrade-libslirp alma-upgrade-libslirp-devel alma-upgrade-netavark alma-upgrade-oci-seccomp-bpf-hook alma-upgrade-podman alma-upgrade-podman-catatonit alma-upgrade-podman-docker alma-upgrade-podman-gvproxy alma-upgrade-podman-plugins alma-upgrade-podman-remote alma-upgrade-podman-tests alma-upgrade-python3-criu alma-upgrade-python3-podman alma-upgrade-runc alma-upgrade-skopeo alma-upgrade-skopeo-tests alma-upgrade-slirp4netns alma-upgrade-toolbox alma-upgrade-toolbox-tests alma-upgrade-udica References https://attackerkb.com/topics/cve-2023-0778 CVE - 2023-0778 https://errata.almalinux.org/8/ALSA-2023-2758.html https://errata.almalinux.org/8/ALSA-2023-2802.html

VMware Photon OS: CVE-2023-1076 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:N) Published 03/27/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAP_NET_ADMIN, it may not always be the case, e.g., a non-root user only having that capability. This would make tun/tap sockets being incorrectly treated in filtering/routing decisions, possibly bypassing network filters. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-1076 CVE - 2023-1076

Amazon Linux AMI: CVE-2023-1077: Security patch for kernel (ALAS-2024-1942) Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 03/27/2023 Created 07/09/2024 Added 07/04/2024 Modified 01/28/2025 Description In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption. Solution(s) amazon-linux-upgrade-kernel References ALAS-2024-1942 CVE-2023-1077

VMware Photon OS: CVE-2023-1637 Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 03/27/2023 Created 01/30/2025 Added 01/29/2025 Modified 02/04/2025 Description A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unauthorized access to some memory of the CPU similar to the speculative execution behavior kind of attacks. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-1637 CVE - 2023-1637

Amazon Linux 2023: CVE-2023-0465: Medium priority package update for openssl Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. A flaw was found in OpenSSL. Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. OpenSSL and other certificate policy checks silently ignore invalid certificate policies in leaf certificates that are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Solution(s) amazon-linux-2023-upgrade-openssl amazon-linux-2023-upgrade-openssl-debuginfo amazon-linux-2023-upgrade-openssl-debugsource amazon-linux-2023-upgrade-openssl-devel amazon-linux-2023-upgrade-openssl-libs amazon-linux-2023-upgrade-openssl-libs-debuginfo amazon-linux-2023-upgrade-openssl-perl References https://attackerkb.com/topics/cve-2023-0465 CVE - 2023-0465 https://alas.aws.amazon.com/AL2023/ALAS-2023-181.html

Debian: CVE-2022-36059: thunderbird -- security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This issue has been fixed in matrix-js-sdk 19.4.0 and users are advised to upgrade. Users unable to upgrade may mitigate this issue by redacting applicable events, waiting for the sync processor to store data, and restarting the client. Alternatively, redacting the applicable events and clearing all storage will often fix most perceived issues. In some cases, no workarounds are possible. Solution(s) debian-upgrade-thunderbird References https://attackerkb.com/topics/cve-2022-36059 CVE - 2022-36059

Huawei EulerOS: CVE-2023-0465: shim security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 05/10/2023 Added 05/09/2023 Modified 01/30/2025 Description Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Solution(s) huawei-euleros-2_0_sp10-upgrade-shim huawei-euleros-2_0_sp10-upgrade-shim-aa64-storage References https://attackerkb.com/topics/cve-2023-0465 CVE - 2023-0465 EulerOS-SA-2023-2395

Gentoo Linux: CVE-2022-23123: Netatalk: Multiple Vulnerabilities including root remote code execution Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 11/02/2023 Added 11/02/2023 Modified 01/28/2025 Description This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getdirparams method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15830. Solution(s) gentoo-linux-upgrade-net-fs-netatalk References https://attackerkb.com/topics/cve-2022-23123 CVE - 2022-23123 202311-02

Ubuntu: USN-6146-1 (CVE-2022-0194): Netatalk vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15876. Solution(s) ubuntu-upgrade-netatalk References https://attackerkb.com/topics/cve-2022-0194 CVE - 2022-0194 DSA-5503 USN-6146-1

FreeBSD: VID-9B60BBA1-CF18-11ED-BD44-080027F5FEC9 (CVE-2023-28755): rubygem-uri -- ReDoS vulnerability Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 03/28/2023 Created 04/04/2023 Added 04/01/2023 Modified 01/28/2025 Description A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1. Solution(s) freebsd-upgrade-package-ruby freebsd-upgrade-package-ruby27 freebsd-upgrade-package-ruby30 freebsd-upgrade-package-ruby31 freebsd-upgrade-package-ruby32 freebsd-upgrade-package-rubygem-uri References CVE-2023-28755

CentOS Linux: CVE-2023-0466: Moderate: openssl security and bug fix update (CESA-2023:3722) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 06/23/2023 Added 06/22/2023 Modified 01/28/2025 Description The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. Solution(s) centos-upgrade-openssl centos-upgrade-openssl-debuginfo centos-upgrade-openssl-debugsource centos-upgrade-openssl-devel centos-upgrade-openssl-libs centos-upgrade-openssl-libs-debuginfo centos-upgrade-openssl-perl References CVE-2023-0466

FreeBSD: (Multiple Advisories) (CVE-2023-0465): OpenSSL -- Multiple vulnerabilities Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 04/04/2023 Added 03/31/2023 Modified 01/28/2025 Description Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Solution(s) freebsd-upgrade-package-openssl freebsd-upgrade-package-openssl-quic freebsd-upgrade-package-openssl30 freebsd-upgrade-package-openssl31 freebsd-upgrade-package-python310 freebsd-upgrade-package-python311 freebsd-upgrade-package-python37 freebsd-upgrade-package-python38 freebsd-upgrade-package-python39 References CVE-2023-0465

FreeBSD: (Multiple Advisories) (CVE-2023-0466): OpenSSL -- Multiple vulnerabilities Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 04/04/2023 Added 03/31/2023 Modified 01/28/2025 Description The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. Solution(s) freebsd-upgrade-package-openssl freebsd-upgrade-package-openssl-quic freebsd-upgrade-package-openssl30 freebsd-upgrade-package-openssl31 freebsd-upgrade-package-python310 freebsd-upgrade-package-python311 freebsd-upgrade-package-python37 freebsd-upgrade-package-python38 freebsd-upgrade-package-python39 References CVE-2023-0466

Huawei EulerOS: CVE-2023-0466: linux-sgx security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. Solution(s) huawei-euleros-2_0_sp11-upgrade-libsgx-ae-le huawei-euleros-2_0_sp11-upgrade-libsgx-aesm-launch-plugin huawei-euleros-2_0_sp11-upgrade-libsgx-enclave-common huawei-euleros-2_0_sp11-upgrade-libsgx-launch huawei-euleros-2_0_sp11-upgrade-libsgx-urts huawei-euleros-2_0_sp11-upgrade-sgx-aesm-service References https://attackerkb.com/topics/cve-2023-0466 CVE - 2023-0466 EulerOS-SA-2023-3047

OpenSSL vulnerability (CVE-2023-0465) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/28/2023 Created 06/06/2024 Added 06/05/2024 Modified 01/30/2025 Description Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Solution(s) http-openssl-1_0_2-upgrade-1_0_2_z_h http-openssl-1_1_1-upgrade-1_1_1_u http-openssl-3_0_9-upgrade-3_0_9 http-openssl-3_1_1-upgrade-3_1_1 References https://attackerkb.com/topics/cve-2023-0465 CVE - 2023-0465

SUSE: CVE-2023-1075: SUSE Linux Security Advisory Severity 2 CVSS (AV:L/AC:L/Au:S/C:P/I:N/A:N) Published 03/27/2023 Created 03/29/2023 Added 03/29/2023 Modified 01/28/2025 Description A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the list_head, leaking the last byte of the confused field that overlaps with rec->tx_ready. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-al suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-dtb-zte suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2023-1075 CVE - 2023-1075

Debian: CVE-2021-3923: linux -- security update Severity 1 CVSS (AV:L/AC:L/Au:M/C:P/I:N/A:N) Published 03/27/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2021-3923 CVE - 2021-3923

Debian: CVE-2023-1078: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/27/2023 Created 05/05/2023 Added 05/01/2023 Modified 01/28/2025 Description A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-1078 CVE - 2023-1078 DLA-3403-1 DLA-3404-1

Debian: CVE-2023-1075: linux -- security update Severity 2 CVSS (AV:L/AC:L/Au:S/C:P/I:N/A:N) Published 03/27/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the list_head, leaking the last byte of the confused field that overlaps with rec->tx_ready. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-1075 CVE - 2023-1075

Debian: CVE-2023-1073: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/27/2023 Created 05/05/2023 Added 05/01/2023 Modified 01/28/2025 Description A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-1073 CVE - 2023-1073 DLA-3403-1 DLA-3404-1

Debian: CVE-2023-1637: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 03/27/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unauthorized access to some memory of the CPU similar to the speculative execution behavior kind of attacks. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-1637 CVE - 2023-1637

Debian: CVE-2023-1076: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:N) Published 03/27/2023 Created 05/05/2023 Added 05/01/2023 Modified 01/28/2025 Description A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAP_NET_ADMIN, it may not always be the case, e.g., a non-root user only having that capability. This would make tun/tap sockets being incorrectly treated in filtering/routing decisions, possibly bypassing network filters. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-1076 CVE - 2023-1076 DLA-3404-1

Debian: CVE-2023-1077: linux -- security update Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 03/27/2023 Created 05/05/2023 Added 05/01/2023 Modified 01/28/2025 Description In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-1077 CVE - 2023-1077 DLA-3404-1