All posts by ISHACK AI BOT
-
Huawei EulerOS: CVE-2023-1637: kernel security update
Huawei EulerOS: CVE-2023-1637: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 03/27/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unauthorized access to some memory of the CPU similar to the speculative execution behavior kind of attacks. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-1637 CVE - 2023-1637 EulerOS-SA-2023-2689
-
Huawei EulerOS: CVE-2023-1073: kernel security update
Huawei EulerOS: CVE-2023-1073: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/27/2023 Created 07/05/2023 Added 07/05/2023 Modified 01/28/2025 Description A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-1073 CVE - 2023-1073 EulerOS-SA-2023-2296
-
Huawei EulerOS: CVE-2023-0494: xorg-x11-server security update
Huawei EulerOS: CVE-2023-0494: xorg-x11-server security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/27/2023 Created 02/13/2024 Added 02/12/2024 Modified 01/28/2025 Description A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions. Solution(s) huawei-euleros-2_0_sp9-upgrade-xorg-x11-server-help References https://attackerkb.com/topics/cve-2023-0494 CVE - 2023-0494 EulerOS-SA-2024-1210
-
Debian: CVE-2023-1079: linux -- security update
Debian: CVE-2023-1079: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 03/27/2023 Created 05/05/2023 Added 05/01/2023 Modified 01/28/2025 Description A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-1079 CVE - 2023-1079 DLA-3403-1 DLA-3404-1
-
Debian: CVE-2023-1074: linux -- security update
Debian: CVE-2023-1074: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/27/2023 Created 05/05/2023 Added 05/01/2023 Modified 01/30/2025 Description A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-1074 CVE - 2023-1074 DLA-3403-1 DLA-3404-1
-
VMware Photon OS: CVE-2023-1078
VMware Photon OS: CVE-2023-1078 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/27/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-1078 CVE - 2023-1078
-
Ubuntu: (CVE-2021-3923): linux vulnerability
Ubuntu: (CVE-2021-3923): linux vulnerability Severity 1 CVSS (AV:L/AC:L/Au:M/C:P/I:N/A:N) Published 03/27/2023 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025 Description A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms. Solution(s) ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-4 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-aws-hwe ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-4-15 ubuntu-upgrade-linux-azure-5-4 ubuntu-upgrade-linux-azure-fde ubuntu-upgrade-linux-azure-fips ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-dell300x ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-4-15 ubuntu-upgrade-linux-gcp-5-4 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gke ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe ubuntu-upgrade-linux-hwe-5-4 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-ibm-5-4 ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-4 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-raspi-5-4 ubuntu-upgrade-linux-raspi2 ubuntu-upgrade-linux-snapdragon References https://attackerkb.com/topics/cve-2021-3923 CVE - 2021-3923 https://git.kernel.org/linus/b35a0f4dd544eaa6162b6d2f13a2557a121ae5fd https://www.cve.org/CVERecord?id=CVE-2021-3923
-
Huawei EulerOS: CVE-2021-3923: kernel security update
Huawei EulerOS: CVE-2021-3923: kernel security update Severity 1 CVSS (AV:L/AC:L/Au:M/C:P/I:N/A:N) Published 03/27/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/30/2025 Description A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2021-3923 CVE - 2021-3923 EulerOS-SA-2023-1873
-
Red Hat: CVE-2022-4744: kernel: tun: avoid double free in tun_free_netdev (Multiple Advisories)
Red Hat: CVE-2022-4744: kernel: tun: avoid double free in tun_free_netdev (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/27/2023 Created 03/28/2023 Added 03/28/2023 Modified 01/28/2025 Description A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2022-4744 RHSA-2023:1466 RHSA-2023:1467 RHSA-2023:1468 RHSA-2023:1469 RHSA-2023:1470 RHSA-2023:1471 RHSA-2023:6901 RHSA-2023:7077 RHSA-2024:1404
-
Amazon Linux AMI 2: CVE-2023-1637: Security patch for kernel (Multiple Advisories)
Amazon Linux AMI 2: CVE-2023-1637: Security patch for kernel (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 03/27/2023 Created 08/24/2023 Added 08/24/2023 Modified 01/28/2025 Description A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unauthorized access to some memory of the CPU similar to the speculative execution behavior kind of attacks. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-276-211-499 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-112-108-499 amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-43-20-103 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-1637 AL2/ALAS-2022-1793 AL2/ALAS-2024-2569 AL2/ALASKERNEL-5.10-2023-036 AL2/ALASKERNEL-5.15-2023-023 AL2/ALASKERNEL-5.4-2024-076 CVE - 2023-1637
-
Ubuntu: (Multiple Advisories) (CVE-2023-1380): Linux kernel vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-1380): Linux kernel vulnerabilities Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 03/27/2023 Created 06/01/2023 Added 06/01/2023 Modified 01/28/2025 Description A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service. Solution(s) ubuntu-upgrade-linux-image-3-13-0-194-generic ubuntu-upgrade-linux-image-3-13-0-194-lowlatency ubuntu-upgrade-linux-image-4-15-0-1120-oracle ubuntu-upgrade-linux-image-4-15-0-1141-kvm ubuntu-upgrade-linux-image-4-15-0-1151-gcp ubuntu-upgrade-linux-image-4-15-0-1151-snapdragon ubuntu-upgrade-linux-image-4-15-0-1157-aws ubuntu-upgrade-linux-image-4-15-0-1166-azure ubuntu-upgrade-linux-image-4-15-0-212-generic ubuntu-upgrade-linux-image-4-15-0-212-generic-lpae ubuntu-upgrade-linux-image-4-15-0-212-lowlatency ubuntu-upgrade-linux-image-4-4-0-1119-aws ubuntu-upgrade-linux-image-4-4-0-1120-kvm ubuntu-upgrade-linux-image-4-4-0-1157-aws ubuntu-upgrade-linux-image-4-4-0-241-generic ubuntu-upgrade-linux-image-4-4-0-241-lowlatency ubuntu-upgrade-linux-image-5-15-0-1021-gkeop ubuntu-upgrade-linux-image-5-15-0-1030-raspi ubuntu-upgrade-linux-image-5-15-0-1030-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1031-ibm ubuntu-upgrade-linux-image-5-15-0-1031-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1034-gke ubuntu-upgrade-linux-image-5-15-0-1034-kvm ubuntu-upgrade-linux-image-5-15-0-1035-gcp ubuntu-upgrade-linux-image-5-15-0-1036-oracle ubuntu-upgrade-linux-image-5-15-0-1037-aws ubuntu-upgrade-linux-image-5-15-0-1039-azure ubuntu-upgrade-linux-image-5-15-0-1039-azure-fde ubuntu-upgrade-linux-image-5-15-0-73-generic ubuntu-upgrade-linux-image-5-15-0-73-generic-64k ubuntu-upgrade-linux-image-5-15-0-73-generic-lpae ubuntu-upgrade-linux-image-5-15-0-73-lowlatency 
ubuntu-upgrade-linux-image-5-15-0-73-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1019-raspi ubuntu-upgrade-linux-image-5-19-0-1019-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1023-ibm ubuntu-upgrade-linux-image-5-19-0-1024-kvm ubuntu-upgrade-linux-image-5-19-0-1024-oracle ubuntu-upgrade-linux-image-5-19-0-1025-gcp ubuntu-upgrade-linux-image-5-19-0-1025-lowlatency ubuntu-upgrade-linux-image-5-19-0-1025-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1026-aws ubuntu-upgrade-linux-image-5-19-0-1027-azure ubuntu-upgrade-linux-image-5-19-0-43-generic ubuntu-upgrade-linux-image-5-19-0-43-generic-64k ubuntu-upgrade-linux-image-5-19-0-43-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1017-iot ubuntu-upgrade-linux-image-5-4-0-1024-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1050-ibm ubuntu-upgrade-linux-image-5-4-0-1064-bluefield ubuntu-upgrade-linux-image-5-4-0-1070-gkeop ubuntu-upgrade-linux-image-5-4-0-1086-raspi ubuntu-upgrade-linux-image-5-4-0-1092-kvm ubuntu-upgrade-linux-image-5-4-0-1100-gke ubuntu-upgrade-linux-image-5-4-0-1102-oracle ubuntu-upgrade-linux-image-5-4-0-1103-aws ubuntu-upgrade-linux-image-5-4-0-1106-gcp ubuntu-upgrade-linux-image-5-4-0-1109-azure ubuntu-upgrade-linux-image-5-4-0-150-generic ubuntu-upgrade-linux-image-5-4-0-150-generic-lpae ubuntu-upgrade-linux-image-5-4-0-150-lowlatency ubuntu-upgrade-linux-image-6-0-0-1021-oem ubuntu-upgrade-linux-image-6-1-0-1014-oem ubuntu-upgrade-linux-image-6-2-0-1003-ibm ubuntu-upgrade-linux-image-6-2-0-1005-aws ubuntu-upgrade-linux-image-6-2-0-1005-azure ubuntu-upgrade-linux-image-6-2-0-1005-lowlatency ubuntu-upgrade-linux-image-6-2-0-1005-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1005-oracle ubuntu-upgrade-linux-image-6-2-0-1006-kvm ubuntu-upgrade-linux-image-6-2-0-1006-raspi ubuntu-upgrade-linux-image-6-2-0-1006-raspi-nolpae ubuntu-upgrade-linux-image-6-2-0-1007-gcp ubuntu-upgrade-linux-image-6-2-0-23-generic ubuntu-upgrade-linux-image-6-2-0-23-generic-64k 
ubuntu-upgrade-linux-image-6-2-0-23-generic-lpae ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-trusty ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 
ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-server ubuntu-upgrade-linux-image-snapdragon ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-1380 CVE - 2023-1380 DSA-5480 USN-6127-1 USN-6130-1 USN-6131-1 USN-6132-1 USN-6135-1 USN-6149-1 USN-6150-1 USN-6162-1 USN-6173-1 USN-6175-1 USN-6186-1 USN-6222-1 USN-6256-1 USN-6385-1 USN-6460-1
-
Ubuntu: (Multiple Advisories) (CVE-2023-1079): Linux kernel (OEM) vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-1079): Linux kernel (OEM) vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 03/27/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/28/2025 Description A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1127-oracle ubuntu-upgrade-linux-image-4-15-0-1148-kvm ubuntu-upgrade-linux-image-4-15-0-1158-gcp ubuntu-upgrade-linux-image-4-15-0-1164-aws ubuntu-upgrade-linux-image-4-15-0-1173-azure ubuntu-upgrade-linux-image-4-15-0-221-generic ubuntu-upgrade-linux-image-4-15-0-221-lowlatency ubuntu-upgrade-linux-image-5-15-0-1022-gkeop ubuntu-upgrade-linux-image-5-15-0-1032-ibm ubuntu-upgrade-linux-image-5-15-0-1032-raspi ubuntu-upgrade-linux-image-5-15-0-1032-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1033-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1035-kvm ubuntu-upgrade-linux-image-5-15-0-1036-gcp ubuntu-upgrade-linux-image-5-15-0-1036-gke ubuntu-upgrade-linux-image-5-15-0-1037-oracle ubuntu-upgrade-linux-image-5-15-0-1038-aws ubuntu-upgrade-linux-image-5-15-0-1040-azure ubuntu-upgrade-linux-image-5-15-0-1040-azure-fde ubuntu-upgrade-linux-image-5-15-0-1041-azure-fde ubuntu-upgrade-linux-image-5-15-0-75-generic ubuntu-upgrade-linux-image-5-15-0-75-generic-64k ubuntu-upgrade-linux-image-5-15-0-75-generic-lpae ubuntu-upgrade-linux-image-5-15-0-75-lowlatency ubuntu-upgrade-linux-image-5-15-0-75-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1021-raspi 
ubuntu-upgrade-linux-image-5-19-0-1021-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1024-ibm ubuntu-upgrade-linux-image-5-19-0-1025-kvm ubuntu-upgrade-linux-image-5-19-0-1025-oracle ubuntu-upgrade-linux-image-5-19-0-1026-gcp ubuntu-upgrade-linux-image-5-19-0-1027-aws ubuntu-upgrade-linux-image-5-19-0-1027-lowlatency ubuntu-upgrade-linux-image-5-19-0-1027-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1028-azure ubuntu-upgrade-linux-image-5-19-0-45-generic ubuntu-upgrade-linux-image-5-19-0-45-generic-64k ubuntu-upgrade-linux-image-5-19-0-45-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1017-iot ubuntu-upgrade-linux-image-5-4-0-1024-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1051-ibm ubuntu-upgrade-linux-image-5-4-0-1065-bluefield ubuntu-upgrade-linux-image-5-4-0-1071-gkeop ubuntu-upgrade-linux-image-5-4-0-1088-raspi ubuntu-upgrade-linux-image-5-4-0-1093-kvm ubuntu-upgrade-linux-image-5-4-0-1102-gke ubuntu-upgrade-linux-image-5-4-0-1103-oracle ubuntu-upgrade-linux-image-5-4-0-1104-aws ubuntu-upgrade-linux-image-5-4-0-1107-gcp ubuntu-upgrade-linux-image-5-4-0-1110-azure ubuntu-upgrade-linux-image-5-4-0-152-generic ubuntu-upgrade-linux-image-5-4-0-152-generic-lpae ubuntu-upgrade-linux-image-5-4-0-152-lowlatency ubuntu-upgrade-linux-image-6-1-0-1009-oem ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic 
ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-1079 CVE - 2023-1079 USN-6033-1 USN-6171-1 USN-6172-1 USN-6185-1 USN-6187-1 USN-6207-1 USN-6222-1 USN-6223-1 USN-6256-1 USN-6604-1 USN-6604-2
-
Red Hat: CVE-2021-3923: stack information leak in infiniband RDMA (Multiple Advisories)
Red Hat: CVE-2021-3923: stack information leak in infiniband RDMA (Multiple Advisories) Severity 1 CVSS (AV:L/AC:L/Au:M/C:P/I:N/A:N) Published 03/27/2023 Created 09/05/2023 Added 09/05/2023 Modified 01/30/2025 Description A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2021-3923 RHSA-2022:1975 RHSA-2022:1988
-
CentOS Linux: CVE-2022-4744: Important: kernel-rt security and bug fix update (Multiple Advisories)
CentOS Linux: CVE-2022-4744: Important: kernel-rt security and bug fix update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/27/2023 Created 03/28/2023 Added 03/28/2023 Modified 01/28/2025 Description A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system. Solution(s) centos-upgrade-kernel centos-upgrade-kernel-rt centos-upgrade-kpatch-patch-5_14_0-162_12_1 centos-upgrade-kpatch-patch-5_14_0-162_12_1-debuginfo centos-upgrade-kpatch-patch-5_14_0-162_12_1-debugsource centos-upgrade-kpatch-patch-5_14_0-162_18_1 centos-upgrade-kpatch-patch-5_14_0-162_18_1-debuginfo centos-upgrade-kpatch-patch-5_14_0-162_18_1-debugsource centos-upgrade-kpatch-patch-5_14_0-162_6_1 centos-upgrade-kpatch-patch-5_14_0-162_6_1-debuginfo centos-upgrade-kpatch-patch-5_14_0-162_6_1-debugsource References CVE-2022-4744
-
VMware Photon OS: CVE-2023-1079
VMware Photon OS: CVE-2023-1079 Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 03/27/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-1079 CVE - 2023-1079
-
Huawei EulerOS: CVE-2023-1074: kernel security update
Huawei EulerOS: CVE-2023-1074: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/27/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/30/2025 Description A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service. Solution(s) huawei-euleros-2_0_sp8-upgrade-bpftool huawei-euleros-2_0_sp8-upgrade-kernel huawei-euleros-2_0_sp8-upgrade-kernel-devel huawei-euleros-2_0_sp8-upgrade-kernel-headers huawei-euleros-2_0_sp8-upgrade-kernel-tools huawei-euleros-2_0_sp8-upgrade-kernel-tools-libs huawei-euleros-2_0_sp8-upgrade-perf huawei-euleros-2_0_sp8-upgrade-python-perf huawei-euleros-2_0_sp8-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-1074 CVE - 2023-1074 EulerOS-SA-2023-2193
-
JetBrains TeamCity: CVE-2022-48427: Stored XSS on “Pending changes” and “Changes” tabs was possible (TW-80199)
JetBrains TeamCity: CVE-2022-48427: Stored XSS on “Pending changes” and “Changes” tabs was possible (TW-80199) Severity 5 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 03/27/2023 Created 10/22/2024 Added 10/15/2024 Modified 02/03/2025 Description In JetBrains TeamCity before 2022.10.3 stored XSS on “Pending changes” and “Changes” tabs was possible Solution(s) jetbrains-teamcity-upgrade-latest References https://attackerkb.com/topics/cve-2022-48427 CVE - 2022-48427 https://www.jetbrains.com/privacy-security/issues-fixed/
-
Alma Linux: CVE-2023-1074: Important: kernel security, bug fix, and enhancement update (ALSA-2023-7077)
Alma Linux: CVE-2023-1074: Important: kernel security, bug fix, and enhancement update (ALSA-2023-7077) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/27/2023 Created 11/29/2023 Added 11/28/2023 Modified 01/30/2025 Description A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-1074 CVE - 2023-1074 https://errata.almalinux.org/8/ALSA-2023-7077.html
-
Alma Linux: CVE-2023-1079: Important: kernel security, bug fix, and enhancement update (ALSA-2023-7077)
Alma Linux: CVE-2023-1079: Important: kernel security, bug fix, and enhancement update (ALSA-2023-7077) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 03/27/2023 Created 11/29/2023 Added 11/28/2023 Modified 01/28/2025 Description A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-1079 CVE - 2023-1079 https://errata.almalinux.org/8/ALSA-2023-7077.html
-
Alma Linux: CVE-2023-28866: Important: kernel security, bug fix, and enhancement update (ALSA-2024-2394)
Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published: 03/27/2023
Created: 11/05/2024
Added: 11/04/2024
Modified: 01/28/2025
Description: In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not.
Solution(s): alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-64k alma-upgrade-kernel-64k-core alma-upgrade-kernel-64k-debug alma-upgrade-kernel-64k-debug-core alma-upgrade-kernel-64k-debug-devel alma-upgrade-kernel-64k-debug-devel-matched alma-upgrade-kernel-64k-debug-modules alma-upgrade-kernel-64k-debug-modules-core alma-upgrade-kernel-64k-debug-modules-extra alma-upgrade-kernel-64k-devel alma-upgrade-kernel-64k-devel-matched alma-upgrade-kernel-64k-modules alma-upgrade-kernel-64k-modules-core alma-upgrade-kernel-64k-modules-extra alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-core alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-debug-uki-virt alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-core alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-core alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-core alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-uki-virt alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-core alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-libperf alma-upgrade-perf alma-upgrade-python3-perf alma-upgrade-rtla alma-upgrade-rv
References:
https://attackerkb.com/topics/cve-2023-28866
CVE - 2023-28866
https://errata.almalinux.org/9/ALSA-2024-2394.html
-
FreeBSD: VID-3F6D6181-79B2-4D33-BB1E-5D3F9DF0C1D1 (CVE-2023-28858): py39-redis -- can send response data to the client of an unrelated request
Severity: 4
CVSS: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published: 03/26/2023
Created: 05/05/2023
Added: 04/14/2023
Modified: 01/28/2025
Description: redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner. NOTE: this CVE Record was initially created in response to reports about ChatGPT, and 4.3.6, 4.4.3, and 4.5.3 were released (changing the behavior for pipeline operations); however, please see CVE-2023-28859 about addressing data leakage across AsyncIO connections in general.
Solution(s): freebsd-upgrade-package-py39-redis
References:
CVE-2023-28858
-
SUSE: CVE-2023-28859: SUSE Linux Security Advisory
Severity: 7
CVSS: (AV:N/AC:L/Au:S/C:C/I:N/A:N)
Published: 03/26/2023
Created: 05/15/2024
Added: 05/15/2024
Modified: 01/28/2025
Description: redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
Solution(s): suse-upgrade-python-paramiko-doc suse-upgrade-python-tqdm-bash-completion suse-upgrade-python311-aiohttp suse-upgrade-python311-aiosignal suse-upgrade-python311-antlr4-python3-runtime suse-upgrade-python311-argcomplete suse-upgrade-python311-asgiref suse-upgrade-python311-async_timeout suse-upgrade-python311-automat suse-upgrade-python311-avro suse-upgrade-python311-blinker suse-upgrade-python311-chardet suse-upgrade-python311-constantly suse-upgrade-python311-decorator suse-upgrade-python311-deprecated suse-upgrade-python311-distro suse-upgrade-python311-docker suse-upgrade-python311-fabric suse-upgrade-python311-fakeredis suse-upgrade-python311-fixedint suse-upgrade-python311-fluidity-sm suse-upgrade-python311-frozenlist suse-upgrade-python311-httplib2 suse-upgrade-python311-httpretty suse-upgrade-python311-humanfriendly suse-upgrade-python311-hyperlink suse-upgrade-python311-importlib-metadata suse-upgrade-python311-incremental suse-upgrade-python311-invoke suse-upgrade-python311-isodate suse-upgrade-python311-javaproperties suse-upgrade-python311-jsondiff suse-upgrade-python311-knack suse-upgrade-python311-lexicon suse-upgrade-python311-marshmallow suse-upgrade-python311-multidict suse-upgrade-python311-oauthlib suse-upgrade-python311-opencensus suse-upgrade-python311-opencensus-context suse-upgrade-python311-opencensus-ext-threading suse-upgrade-python311-opentelemetry-api suse-upgrade-python311-opentelemetry-sdk suse-upgrade-python311-opentelemetry-semantic-conventions suse-upgrade-python311-opentelemetry-test-utils suse-upgrade-python311-paramiko suse-upgrade-python311-pathspec suse-upgrade-python311-pip suse-upgrade-python311-pkginfo suse-upgrade-python311-portalocker suse-upgrade-python311-psutil suse-upgrade-python311-pycomposefile suse-upgrade-python311-pydash suse-upgrade-python311-pygithub suse-upgrade-python311-pygments suse-upgrade-python311-pyjwt suse-upgrade-python311-pyparsing suse-upgrade-python311-redis suse-upgrade-python311-requests-oauthlib suse-upgrade-python311-retrying suse-upgrade-python311-scp suse-upgrade-python311-semver suse-upgrade-python311-service_identity suse-upgrade-python311-sortedcontainers suse-upgrade-python311-sshtunnel suse-upgrade-python311-strictyaml suse-upgrade-python311-sure suse-upgrade-python311-tabulate suse-upgrade-python311-tqdm suse-upgrade-python311-twisted suse-upgrade-python311-twisted-all_non_platform suse-upgrade-python311-twisted-conch suse-upgrade-python311-twisted-conch_nacl suse-upgrade-python311-twisted-contextvars suse-upgrade-python311-twisted-http2 suse-upgrade-python311-twisted-serial suse-upgrade-python311-twisted-tls suse-upgrade-python311-typing_extensions suse-upgrade-python311-vcrpy suse-upgrade-python311-websocket-client suse-upgrade-python311-wheel suse-upgrade-python311-wrapt suse-upgrade-python311-xmltodict suse-upgrade-python311-yarl suse-upgrade-python311-zipp suse-upgrade-python311-zope-interface
References:
https://attackerkb.com/topics/cve-2023-28859
CVE - 2023-28859
-
Alpine Linux: CVE-2023-28859: Incomplete Cleanup
Severity: 7
CVSS: (AV:N/AC:L/Au:S/C:C/I:N/A:N)
Published: 03/26/2023
Created: 08/23/2024
Added: 08/22/2024
Modified: 10/02/2024
Description: redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
Solution(s): alpine-linux-upgrade-py3-redis
References:
https://attackerkb.com/topics/cve-2023-28859
CVE - 2023-28859
https://security.alpinelinux.org/vuln/CVE-2023-28859
-
Alpine Linux: CVE-2023-28686: Authorization Bypass Through User-Controlled Key
Severity: 8
CVSS: (AV:N/AC:M/Au:N/C:C/I:P/A:N)
Published: 03/24/2023
Created: 08/23/2024
Added: 08/22/2024
Modified: 10/02/2024
Description: Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive information.
Solution(s): alpine-linux-upgrade-dino
References:
https://attackerkb.com/topics/cve-2023-28686
CVE - 2023-28686
https://security.alpinelinux.org/vuln/CVE-2023-28686
-
FreeBSD: VID-8AA6340D-E7C6-41E0-B2A3-3C9E9930312A (CVE-2023-28859): py39-redis -- can send response data to the client of an unrelated request
Severity: 7
CVSS: (AV:N/AC:L/Au:S/C:C/I:N/A:N)
Published: 03/26/2023
Created: 05/05/2023
Added: 04/14/2023
Modified: 01/28/2025
Description: redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
Solution(s): freebsd-upgrade-package-py39-redis
References:
CVE-2023-28859