ISHACK AI BOT

Ubuntu: (Multiple Advisories) (CVE-2023-1281): Linux kernel (OEM) vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/22/2023 Created 05/05/2023 Added 04/10/2023 Modified 01/30/2025 Description Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1063-dell300x ubuntu-upgrade-linux-image-4-15-0-1117-oracle ubuntu-upgrade-linux-image-4-15-0-1130-raspi2 ubuntu-upgrade-linux-image-4-15-0-1138-kvm ubuntu-upgrade-linux-image-4-15-0-1148-gcp ubuntu-upgrade-linux-image-4-15-0-1148-snapdragon ubuntu-upgrade-linux-image-4-15-0-1154-aws ubuntu-upgrade-linux-image-4-15-0-1163-azure ubuntu-upgrade-linux-image-4-15-0-209-generic ubuntu-upgrade-linux-image-4-15-0-209-generic-lpae ubuntu-upgrade-linux-image-4-15-0-209-lowlatency ubuntu-upgrade-linux-image-5-15-0-1018-gkeop ubuntu-upgrade-linux-image-5-15-0-1027-raspi ubuntu-upgrade-linux-image-5-15-0-1027-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1028-ibm ubuntu-upgrade-linux-image-5-15-0-1028-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1030-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1031-gke ubuntu-upgrade-linux-image-5-15-0-1031-kvm ubuntu-upgrade-linux-image-5-15-0-1032-gcp ubuntu-upgrade-linux-image-5-15-0-1033-oracle ubuntu-upgrade-linux-image-5-15-0-1034-aws ubuntu-upgrade-linux-image-5-15-0-1036-azure ubuntu-upgrade-linux-image-5-15-0-1036-azure-fde ubuntu-upgrade-linux-image-5-15-0-70-generic ubuntu-upgrade-linux-image-5-15-0-70-generic-64k ubuntu-upgrade-linux-image-5-15-0-70-generic-lpae ubuntu-upgrade-linux-image-5-15-0-70-lowlatency ubuntu-upgrade-linux-image-5-15-0-70-lowlatency-64k ubuntu-upgrade-linux-image-5-17-0-1030-oem ubuntu-upgrade-linux-image-5-19-0-1016-raspi ubuntu-upgrade-linux-image-5-19-0-1016-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1020-gcp ubuntu-upgrade-linux-image-5-19-0-1020-oracle ubuntu-upgrade-linux-image-5-19-0-1021-kvm ubuntu-upgrade-linux-image-5-19-0-1022-lowlatency ubuntu-upgrade-linux-image-5-19-0-1022-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1023-aws ubuntu-upgrade-linux-image-5-19-0-1023-azure ubuntu-upgrade-linux-image-5-19-0-40-generic ubuntu-upgrade-linux-image-5-19-0-40-generic-64k ubuntu-upgrade-linux-image-5-19-0-40-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1017-iot ubuntu-upgrade-linux-image-5-4-0-1024-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1047-ibm ubuntu-upgrade-linux-image-5-4-0-1062-bluefield ubuntu-upgrade-linux-image-5-4-0-1067-gkeop ubuntu-upgrade-linux-image-5-4-0-1083-raspi ubuntu-upgrade-linux-image-5-4-0-1089-kvm ubuntu-upgrade-linux-image-5-4-0-1097-gke ubuntu-upgrade-linux-image-5-4-0-1099-oracle ubuntu-upgrade-linux-image-5-4-0-1100-aws ubuntu-upgrade-linux-image-5-4-0-1103-gcp ubuntu-upgrade-linux-image-5-4-0-1106-azure ubuntu-upgrade-linux-image-5-4-0-147-generic ubuntu-upgrade-linux-image-5-4-0-147-generic-lpae ubuntu-upgrade-linux-image-5-4-0-147-lowlatency ubuntu-upgrade-linux-image-6-0-0-1013-oem ubuntu-upgrade-linux-image-6-1-0-1008-oem ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-dell300x ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-1281 CVE - 2023-1281 USN-5977-1 USN-5978-1 USN-6024-1 USN-6025-1 USN-6027-1 USN-6029-1 USN-6030-1 USN-6031-1 USN-6040-1 USN-6057-1 USN-6093-1 USN-6134-1 USN-6222-1 USN-6256-1 View more

Ubuntu: USN-6179-1 (CVE-2023-1436): Jettison vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 03/22/2023 Created 06/21/2023 Added 06/21/2023 Modified 01/28/2025 Description An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown. Solution(s) ubuntu-pro-upgrade-libjettison-java References https://attackerkb.com/topics/cve-2023-1436 CVE - 2023-1436 USN-6179-1

Huawei EulerOS: CVE-2023-0464: shim security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 03/22/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/30/2025 Description A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints.Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Solution(s) huawei-euleros-2_0_sp11-upgrade-shim References https://attackerkb.com/topics/cve-2023-0464 CVE - 2023-0464 EulerOS-SA-2024-1806

Cisco IOS: CVE-2023-20081: Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IPv6 DHCP (DHCPv6) Client Denial of Service Vulnerability Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 03/22/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/22/2025 Description A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of DHCPv6 messages. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: To successfully exploit this vulnerability, the attacker would need to either control the DHCPv6 server or be in a man-in-the-middle position. Solution(s) cisco-ios-upgrade-latest References https://attackerkb.com/topics/cve-2023-20081 CVE - 2023-20081 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv

Huawei EulerOS: CVE-2023-1281: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/22/2023 Created 05/10/2023 Added 05/09/2023 Modified 01/30/2025 Description Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2. Solution(s) huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs huawei-euleros-2_0_sp10-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-1281 CVE - 2023-1281 EulerOS-SA-2023-1824

Cisco ASA: CVE-2023-20107: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 03/22/2023 Created 05/05/2023 Added 04/10/2023 Modified 07/16/2024 Description A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. This vulnerability is due to insufficient entropy in the DRBG for the affected hardware platforms when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device. Solution(s) cisco-asa-update-latest References https://attackerkb.com/topics/cve-2023-20107 CVE - 2023-20107 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP cisco-sa-asa5500x-entropy-6v9bHVYP

Red Hat: CVE-2023-0056: segfault DoS (Multiple Advisories) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 03/23/2023 Created 05/05/2023 Added 04/12/2023 Modified 01/28/2025 Description An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability. Solution(s) redhat-upgrade-haproxy redhat-upgrade-haproxy-debuginfo redhat-upgrade-haproxy-debugsource References CVE-2023-0056 RHSA-2023:1696 RHSA-2023:1978

Moodle: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CVE-2023-28331) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 03/23/2023 Created 03/29/2023 Added 03/29/2023 Modified 01/28/2025 Description Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk. Solution(s) moodle-upgrade-3_11_13 moodle-upgrade-3_9_20 moodle-upgrade-4_0_7 References https://attackerkb.com/topics/cve-2023-28331 CVE - 2023-28331 https://bugzilla.redhat.com/show_bug.cgi?id=2179418 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/ https://moodle.org/mod/forum/discuss.php?d=445063

Moodle: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CVE-2023-28329) Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 03/23/2023 Created 03/29/2023 Added 03/29/2023 Modified 01/28/2025 Description Insufficient validation of profile field availability condition resulted in an SQL injection risk (by default only available to teachers and managers). Solution(s) moodle-upgrade-3_11_13 moodle-upgrade-3_9_20 moodle-upgrade-4_0_7 References https://attackerkb.com/topics/cve-2023-28329 CVE - 2023-28329 https://bugzilla.redhat.com/show_bug.cgi?id=2179406 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/ https://moodle.org/mod/forum/discuss.php?d=445061

Moodle: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CVE-2023-28332) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 03/23/2023 Created 04/01/2023 Added 03/31/2023 Modified 01/28/2025 Description If the algebra filter was enabled but not functional (eg the necessary binaries were missing from the server), it presented an XSS risk. Solution(s) moodle-upgrade-3_11_13 moodle-upgrade-3_9_20 moodle-upgrade-4_0_7 References https://attackerkb.com/topics/cve-2023-28332 CVE - 2023-28332 https://bugzilla.redhat.com/show_bug.cgi?id=2179419 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/ https://moodle.org/mod/forum/discuss.php?d=445064

SUSE: CVE-2023-1289: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 03/23/2023 Created 05/05/2023 Added 04/04/2023 Modified 01/28/2025 Description A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G. Solution(s) suse-upgrade-imagemagick suse-upgrade-imagemagick-config-6-suse suse-upgrade-imagemagick-config-6-upstream suse-upgrade-imagemagick-config-7-suse suse-upgrade-imagemagick-config-7-upstream suse-upgrade-imagemagick-devel suse-upgrade-imagemagick-devel-32bit suse-upgrade-imagemagick-doc suse-upgrade-imagemagick-extra suse-upgrade-libmagick-6_q16-3 suse-upgrade-libmagick-7_q16hdri4 suse-upgrade-libmagick-7_q16hdri4-32bit suse-upgrade-libmagick-7_q16hdri5 suse-upgrade-libmagick-7_q16hdri5-32bit suse-upgrade-libmagick-devel suse-upgrade-libmagick-devel-32bit suse-upgrade-libmagickcore-6_q16-1 suse-upgrade-libmagickcore-6_q16-1-32bit suse-upgrade-libmagickcore-7_q16hdri10 suse-upgrade-libmagickcore-7_q16hdri10-32bit suse-upgrade-libmagickcore-7_q16hdri6 suse-upgrade-libmagickcore-7_q16hdri6-32bit suse-upgrade-libmagickwand-6_q16-1 suse-upgrade-libmagickwand-7_q16hdri10 suse-upgrade-libmagickwand-7_q16hdri10-32bit suse-upgrade-libmagickwand-7_q16hdri6 suse-upgrade-libmagickwand-7_q16hdri6-32bit suse-upgrade-perl-perlmagick References https://attackerkb.com/topics/cve-2023-1289 CVE - 2023-1289

SUSE: CVE-2023-1410: SUSE Linux Security Advisory Severity 4 CVSS (AV:N/AC:M/Au:M/C:P/I:P/A:N) Published 03/23/2023 Created 05/05/2023 Added 04/20/2023 Modified 01/28/2025 Description Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized. An attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description. Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix. Solution(s) suse-upgrade-grafana References https://attackerkb.com/topics/cve-2023-1410 CVE - 2023-1410

Amazon Linux AMI 2: CVE-2023-1436: Security patch for jettison (ALAS-2023-2053) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 03/22/2023 Created 06/06/2023 Added 06/06/2023 Modified 01/28/2025 Description An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown. Solution(s) amazon-linux-ami-2-upgrade-jettison amazon-linux-ami-2-upgrade-jettison-javadoc References https://attackerkb.com/topics/cve-2023-1436 AL2/ALAS-2023-2053 CVE - 2023-1436

Amazon Linux AMI 2: CVE-2023-1077: Security patch for kernel, kernel-livepatch-5.10.162-141.675, kernel-livepatch-5.10.165-143.735, kernel-livepatch-5.10.167-147.601 (Multiple Advisories) Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 03/22/2023 Created 03/23/2023 Added 03/22/2023 Modified 01/28/2025 Description In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-344-262-563 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-162-141-675 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-162-141-675-debuginfo amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-165-143-735 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-165-143-735-debuginfo amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-167-147-601 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-167-147-601-debuginfo amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-173-154-642 amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-102-61-139 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-1077 AL2/ALAS-2024-2588 AL2/ALASKERNEL-5.10-2023-028 AL2/ALASKERNEL-5.15-2023-015 AL2/ALASKERNEL-5.4-2023-043 AL2/ALASLIVEPATCH-2023-119 AL2/ALASLIVEPATCH-2023-120 AL2/ALASLIVEPATCH-2023-121 CVE - 2023-1077 View more

Amazon Linux AMI 2: CVE-2023-25751: Security patch for firefox, thunderbird (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 03/22/2023 Created 03/23/2023 Added 03/22/2023 Modified 01/28/2025 Description Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2023-25751 AL2/ALAS-2023-1988 AL2/ALASFIREFOX-2023-004 CVE - 2023-25751

Amazon Linux AMI 2: CVE-2023-0590: Security patch for kernel (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 03/22/2023 Created 03/23/2023 Added 03/22/2023 Modified 01/30/2025 Description A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-334-252-552 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-155-138-670 amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-79-51-138 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-0590 AL2/ALAS-2024-2391 AL2/ALASKERNEL-5.10-2022-023 AL2/ALASKERNEL-5.15-2022-011 AL2/ALASKERNEL-5.4-2023-044 CVE - 2023-0590

Amazon Linux AMI 2: CVE-2023-0386: Security patch for kernel (ALASKERNEL-5.15-2024-037) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/22/2023 Created 06/11/2024 Added 06/11/2024 Modified 01/28/2025 Description A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-93-55-139 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-0386 AL2/ALASKERNEL-5.15-2024-037 CVE - 2023-0386

Amazon Linux AMI 2: CVE-2023-1281: Security patch for kernel (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/22/2023 Created 07/14/2023 Added 07/14/2023 Modified 01/30/2025 Description Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-309-231-529 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-173-154-642 amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-102-61-139 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2023-1281 AL2/ALAS-2023-1987 AL2/ALASKERNEL-5.10-2023-028 AL2/ALASKERNEL-5.15-2023-015 AL2/ALASKERNEL-5.4-2023-043 CVE - 2023-1281

Oracle WebLogic: CVE-2023-1370 : Critical Patch Update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 03/22/2023 Created 07/19/2023 Added 07/19/2023 Modified 01/28/2025 Description [Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib. When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software. Solution(s) oracle-weblogic-jul-2023-cpu-12_2_1_4_0 oracle-weblogic-jul-2023-cpu-14_1_1_0_0 References https://attackerkb.com/topics/cve-2023-1370 CVE - 2023-1370 http://www.oracle.com/security-alerts/cpujul2023.html https://support.oracle.com/rs?type=doc&id=2958367.2

Cisco XE: CVE-2023-20067: Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service Vulnerability Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 03/22/2023 Created 03/24/2023 Added 03/23/2023 Modified 09/02/2024 Description A vulnerability in the HTTP-based client profiling feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic through a wireless access point. A successful exploit could allow the attacker to cause CPU utilization to increase, which could result in a DoS condition on an affected device and could cause new wireless client associations to fail. Once the offending traffic stops, the affected system will return to an operational state and new client associations will succeed. Solution(s) cisco-xe-update-latest References https://attackerkb.com/topics/cve-2023-20067 CVE - 2023-20067 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-dos-wFujBHKw cisco-sa-ewlc-dos-wFujBHKw

Cisco XE: CVE-2023-20080: Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 03/22/2023 Created 03/24/2023 Added 03/23/2023 Modified 11/13/2024 Description A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly. Solution(s) cisco-xe-update-latest References https://attackerkb.com/topics/cve-2023-20080 CVE - 2023-20080 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-dhcpv6-dos-44cMvdDK cisco-sa-ios-dhcpv6-dos-44cMvdDK

Cisco XE: CVE-2023-20100: Cisco IOS XE Software for Wireless LAN Controllers CAPWAP Join Denial of Service Vulnerability Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 03/22/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/22/2025 Description A vulnerability in the access point (AP) joining process of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error that occurs when certain conditions are met during the AP joining process. An attacker could exploit this vulnerability by adding an AP that is under their control to the network. The attacker then must ensure that the AP successfully joins an affected wireless controller under certain conditions. Additionally, the attacker would need the ability to restart a valid AP that was previously connected to the controller. A successful exploit could allow the attacker to cause the affected device to restart unexpectedly, resulting in a DoS condition. Solution(s) cisco-xe-update-latest References https://attackerkb.com/topics/cve-2023-20100 CVE - 2023-20100 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-apjoin-dos-nXRHkt5 cisco-sa-c9800-apjoin-dos-nXRHkt5

Cisco XE: CVE-2023-20029: Cisco IOS XE Software Privilege Escalation Vulnerability Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:C/A:N) Published 03/22/2023 Created 03/24/2023 Added 03/23/2023 Modified 07/16/2024 Description A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticated, local attacker to gain root level privileges on an affected device. This vulnerability is due to insufficient memory protection in the Meraki onboarding feature of an affected device. An attacker could exploit this vulnerability by modifying the Meraki registration parameters. A successful exploit could allow the attacker to elevate privileges to root. Solution(s) cisco-xe-update-latest References https://attackerkb.com/topics/cve-2023-20029 CVE - 2023-20029 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-priv-esc-sABD8hcU cisco-sa-iosxe-priv-esc-sABD8hcU

Cisco XE: CVE-2023-20035: Cisco IOS XE SD-WAN Software Command Injection Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/22/2023 Created 03/24/2023 Added 03/23/2023 Modified 11/13/2024 Description A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory. Solution(s) cisco-xe-update-latest References https://attackerkb.com/topics/cve-2023-20035 CVE - 2023-20035 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw cisco-sa-ios-xe-sdwan-VQAhEjYw

Debian: CVE-2022-4095: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/22/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2022-4095 CVE - 2022-4095