ISHACK AI BOT

Debian: CVE-2023-1544: qemu -- security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 03/23/2023 Created 12/10/2024 Added 12/09/2024 Modified 01/30/2025 Description A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU. Solution(s) debian-upgrade-qemu References https://attackerkb.com/topics/cve-2023-1544 CVE - 2023-1544

FreeBSD: VID-25872B25-DA2D-11ED-B715-A1E76793953B (CVE-2023-28879): ghostscript -- exploitable buffer overflow in (T)BCP in PS interpreter Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/23/2023 Created 05/05/2023 Added 04/14/2023 Modified 01/28/2025 Description In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written. Solution(s) freebsd-upgrade-package-ghostscript freebsd-upgrade-package-ghostscript7-base freebsd-upgrade-package-ghostscript7-commfont freebsd-upgrade-package-ghostscript7-jpnfont freebsd-upgrade-package-ghostscript7-korfont freebsd-upgrade-package-ghostscript7-x11 freebsd-upgrade-package-ghostscript8-base freebsd-upgrade-package-ghostscript8-x11 freebsd-upgrade-package-ghostscript9-agpl-base References CVE-2023-28879

FreeBSD: VID-DEC6B8E9-C9FE-11ED-BB39-901B0E9408DC (CVE-2023-28686): dino -- Insufficient message sender validation in Dino Severity 8 CVSS (AV:N/AC:M/Au:N/C:C/I:P/A:N) Published 03/23/2023 Created 03/27/2023 Added 03/24/2023 Modified 01/28/2025 Description Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive information. Solution(s) freebsd-upgrade-package-dino References CVE-2023-28686

Debian: CVE-2023-28772: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 03/23/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-28772 CVE - 2023-28772

Huawei EulerOS: CVE-2023-1249: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/23/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/30/2025 Description A use-after-free flaw was found in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 ("coredump: Use the vma snapshot in fill_files_note") not applied yet, then kernel could be affected. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-1249 CVE - 2023-1249 EulerOS-SA-2023-2689

Apache Tomcat: Important: Apache Tomcat information disclosure (CVE-2023-28708) Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 03/23/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description When using the RemoteIpFilter with requests received from areverse proxy via HTTP that include the X-Forwarded-Protoheader set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71 and 8.5.0 to 8.5.85 did not include the secure attribute. This could result in the user agent transmitting the session cookie over an insecure channel. Solution(s) apache-tomcat-upgrade-10_1_6 apache-tomcat-upgrade-8_5_86 apache-tomcat-upgrade-9_0_72 References https://attackerkb.com/topics/cve-2023-28708 CVE - 2023-28708 http://tomcat.apache.org/security-10.html http://tomcat.apache.org/security-8.html http://tomcat.apache.org/security-9.html

SUSE: CVE-2023-1544: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 03/23/2023 Created 04/04/2024 Added 04/04/2024 Modified 01/28/2025 Description A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU. Solution(s) suse-upgrade-qemu suse-upgrade-qemu-accel-qtest suse-upgrade-qemu-accel-tcg-x86 suse-upgrade-qemu-arm suse-upgrade-qemu-audio-alsa suse-upgrade-qemu-audio-dbus suse-upgrade-qemu-audio-jack suse-upgrade-qemu-audio-pa suse-upgrade-qemu-audio-spice suse-upgrade-qemu-block-curl suse-upgrade-qemu-block-dmg suse-upgrade-qemu-block-gluster suse-upgrade-qemu-block-iscsi suse-upgrade-qemu-block-nfs suse-upgrade-qemu-block-rbd suse-upgrade-qemu-block-ssh suse-upgrade-qemu-chardev-baum suse-upgrade-qemu-chardev-spice suse-upgrade-qemu-extra suse-upgrade-qemu-guest-agent suse-upgrade-qemu-hw-display-qxl suse-upgrade-qemu-hw-display-virtio-gpu suse-upgrade-qemu-hw-display-virtio-gpu-pci suse-upgrade-qemu-hw-display-virtio-vga suse-upgrade-qemu-hw-s390x-virtio-gpu-ccw suse-upgrade-qemu-hw-usb-host suse-upgrade-qemu-hw-usb-redirect suse-upgrade-qemu-hw-usb-smartcard suse-upgrade-qemu-ipxe suse-upgrade-qemu-ivshmem-tools suse-upgrade-qemu-ksm suse-upgrade-qemu-kvm suse-upgrade-qemu-lang suse-upgrade-qemu-microvm suse-upgrade-qemu-ppc suse-upgrade-qemu-s390x suse-upgrade-qemu-seabios suse-upgrade-qemu-sgabios suse-upgrade-qemu-skiboot suse-upgrade-qemu-slof suse-upgrade-qemu-tools suse-upgrade-qemu-ui-curses suse-upgrade-qemu-ui-dbus suse-upgrade-qemu-ui-gtk suse-upgrade-qemu-ui-opengl suse-upgrade-qemu-ui-spice-app suse-upgrade-qemu-ui-spice-core suse-upgrade-qemu-vgabios suse-upgrade-qemu-vhost-user-gpu suse-upgrade-qemu-x86 References https://attackerkb.com/topics/cve-2023-1544 CVE - 2023-1544

Ubuntu: (Multiple Advisories) (CVE-2022-37704): amanda vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 03/23/2023 Created 05/05/2023 Added 04/10/2023 Modified 01/28/2025 Description Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure. Solution(s) ubuntu-upgrade-amanda-client References https://attackerkb.com/topics/cve-2022-37704 CVE - 2022-37704 USN-5966-1 USN-5966-2 USN-5966-3

Huawei EulerOS: CVE-2023-28772: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 03/23/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow. Solution(s) huawei-euleros-2_0_sp8-upgrade-bpftool huawei-euleros-2_0_sp8-upgrade-kernel huawei-euleros-2_0_sp8-upgrade-kernel-devel huawei-euleros-2_0_sp8-upgrade-kernel-headers huawei-euleros-2_0_sp8-upgrade-kernel-tools huawei-euleros-2_0_sp8-upgrade-kernel-tools-libs huawei-euleros-2_0_sp8-upgrade-perf huawei-euleros-2_0_sp8-upgrade-python-perf huawei-euleros-2_0_sp8-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-28772 CVE - 2023-28772 EulerOS-SA-2023-2193

Alma Linux: CVE-2023-0590: Important: kernel security, bug fix, and enhancement update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 03/23/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/30/2025 Description A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-64k alma-upgrade-kernel-64k-core alma-upgrade-kernel-64k-debug alma-upgrade-kernel-64k-debug-core alma-upgrade-kernel-64k-debug-devel alma-upgrade-kernel-64k-debug-devel-matched alma-upgrade-kernel-64k-debug-modules alma-upgrade-kernel-64k-debug-modules-core alma-upgrade-kernel-64k-debug-modules-extra alma-upgrade-kernel-64k-devel alma-upgrade-kernel-64k-devel-matched alma-upgrade-kernel-64k-modules alma-upgrade-kernel-64k-modules-core alma-upgrade-kernel-64k-modules-extra alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-core alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-debug-uki-virt alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-core alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-core alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-core alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-uki-virt alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-core alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf alma-upgrade-rtla References https://attackerkb.com/topics/cve-2023-0590 CVE - 2023-0590 https://errata.almalinux.org/8/ALSA-2023-7077.html https://errata.almalinux.org/9/ALSA-2023-2148.html https://errata.almalinux.org/9/ALSA-2023-2458.html

Alma Linux: CVE-2023-0056: Moderate: haproxy security update (ALSA-2023-1696) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 03/23/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/28/2025 Description An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability. Solution(s) alma-upgrade-haproxy References https://attackerkb.com/topics/cve-2023-0056 CVE - 2023-0056 https://errata.almalinux.org/9/ALSA-2023-1696.html

Alma Linux: CVE-2023-1252: Important: kernel security, bug fix, and enhancement update (ALSA-2023-7077) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/23/2023 Created 11/29/2023 Added 11/28/2023 Modified 01/30/2025 Description A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 ("ovl: fix use after free in struct ovl_aio_req") not applied yet, the kernel could be affected. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-1252 CVE - 2023-1252 https://errata.almalinux.org/8/ALSA-2023-7077.html

CentOS Linux: CVE-2023-28772: Important: kernel-rt security, bug fix, and enhancement update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 03/23/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow. Solution(s) centos-upgrade-kernel centos-upgrade-kernel-rt References CVE-2023-28772

Amazon Linux AMI 2: CVE-2023-1289: Security patch for ImageMagick (ALAS-2023-2014) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 03/23/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/30/2025 Description A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G. Solution(s) amazon-linux-ami-2-upgrade-imagemagick amazon-linux-ami-2-upgrade-imagemagick-c amazon-linux-ami-2-upgrade-imagemagick-c-devel amazon-linux-ami-2-upgrade-imagemagick-debuginfo amazon-linux-ami-2-upgrade-imagemagick-devel amazon-linux-ami-2-upgrade-imagemagick-doc amazon-linux-ami-2-upgrade-imagemagick-perl References https://attackerkb.com/topics/cve-2023-1289 AL2/ALAS-2023-2014 CVE - 2023-1289

Red Hat: CVE-2023-28772: kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 03/23/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-28772 RHSA-2023:6901 RHSA-2023:7077 RHSA-2024:0724 RHSA-2024:1404

VMware Photon OS: CVE-2023-1252 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/23/2023 Created 01/30/2025 Added 01/29/2025 Modified 02/04/2025 Description A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 ("ovl: fix use after free in struct ovl_aio_req") not applied yet, the kernel could be affected. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-1252 CVE - 2023-1252

VMware Photon OS: CVE-2023-1249 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A use-after-free flaw was found in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 ("coredump: Use the vma snapshot in fill_files_note") not applied yet, then kernel could be affected. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-1249 CVE - 2023-1249

Debian: CVE-2023-1289: imagemagick -- security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 03/23/2023 Created 02/24/2024 Added 02/23/2024 Modified 01/30/2025 Description A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G. Solution(s) debian-upgrade-imagemagick References https://attackerkb.com/topics/cve-2023-1289 CVE - 2023-1289 DLA-3737-1

Huawei EulerOS: CVE-2023-28772: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 03/23/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/28/2025 Description An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-28772 CVE - 2023-28772 EulerOS-SA-2023-1873

VMware Photon OS: CVE-2023-0590 Severity 4 CVSS (AV:L/AC:H/Au:S/C:N/I:N/A:C) Published 03/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-0590 CVE - 2023-0590

Amazon Linux AMI: CVE-2023-1289: Security patch for ImageMagick (ALAS-2023-1745) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 03/23/2023 Created 05/25/2023 Added 05/24/2023 Modified 01/28/2025 Description A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G. Solution(s) amazon-linux-upgrade-imagemagick References ALAS-2023-1745 CVE-2023-1289

VMware Photon OS: CVE-2023-1289 Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 03/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-1289 CVE - 2023-1289

VMware Photon OS: CVE-2023-0056 Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 03/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-0056 CVE - 2023-0056

VMware Photon OS: CVE-2023-1513 Severity 2 CVSS (AV:L/AC:L/Au:S/C:P/I:N/A:N) Published 03/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-1513 CVE - 2023-1513

Gentoo Linux: CVE-2023-1544: QEMU: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 03/23/2023 Created 08/13/2024 Added 08/12/2024 Modified 01/30/2025 Description A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU. Solution(s) gentoo-linux-upgrade-app-emulation-qemu References https://attackerkb.com/topics/cve-2023-1544 CVE - 2023-1544 202408-18