All posts by ISHACK AI BOT
-
FreeBSD: VID-0D7D104C-C6FB-11ED-8A4B-080027F5FEC9 (CVE-2023-27535): curl -- multiple vulnerabilities
FreeBSD: VID-0D7D104C-C6FB-11ED-8A4B-080027F5FEC9 (CVE-2023-27535): curl -- multiple vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 03/20/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below. From VID-0D7D104C-C6FB-11ED-8A4B-080027F5FEC9: Harry Sintonen reports: CVE-2023-27533 curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the documented functionality, curl would pass on user name and telnet options to the server as provided. This could allow users to pass in carefully crafted content that passes on content or does option negotiation without the application intending to do so. In particular if an application for example allows users to provide the data or parts of the data. CVE-2023-27534 curl supports SFTP transfers. curl's SFTP implementation offers a special feature in the path component of URLs: a tilde (~) character as the first path element in the path denotes a path relative to the user's home directory. This is supported because of wording in the once proposed to-become RFC draft that was to dictate how SFTP URLs work. Due to a bug, the handling of the tilde in SFTP path did however not only replace it when it is used stand-alone as the first path element but also wrongly when used as a mere prefix in the first element. Using a path like /~2/foo when accessing a server using the user dan (with home directory /home/dan) would then quite surprisingly access the file /home/dan2/foo. This can be taken advantage of to circumvent filtering or worse.
CVE-2023-27535 libcurl would reuse a previously created FTP connection even when one or more options had been changed that could have made the effective user a very different one, thus leading to doing the second transfer with wrong credentials. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several FTP settings were left out from the configuration match checks, making them match too easily. The settings in question are CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC and CURLOPT_USE_SSL level. CVE-2023-27536 libcurl would reuse a previously created connection even when the GSS delegation (CURLOPT_GSSAPI_DELEGATION) option had been changed that could have changed the user's permissions in a second transfer. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, this GSS delegation setting was left out from the configuration match checks, making them match too easily, affecting krb5/kerberos/negotiate/GSSAPI transfers. CVE-2023-27537 libcurl supports sharing HSTS data between separate "handles". This sharing was introduced without consideration for doing this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free. CVE-2023-27538 libcurl would reuse a previously created connection even when an SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, two SSH settings were left out from the configuration match checks, making them match too easily. Solution(s) freebsd-upgrade-package-curl References CVE-2023-27535 SUSE-SU-2023:0865-1
-
Red Hat: CVE-2023-25751: CVE-2023-25751 Mozilla: Incorrect code generation during JIT compilation (Multiple Advisories)
Red Hat: CVE-2023-25751: CVE-2023-25751 Mozilla: Incorrect code generation during JIT compilation (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 03/20/2023 Created 03/22/2023 Added 03/21/2023 Modified 01/28/2025 Description Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2023-25751 RHSA-2023:1333 RHSA-2023:1336 RHSA-2023:1337 RHSA-2023:1364 RHSA-2023:1367 RHSA-2023:1401 RHSA-2023:1402 RHSA-2023:1403 RHSA-2023:1404 RHSA-2023:1407 RHSA-2023:1444 RHSA-2023:1472
-
SUSE: CVE-2023-28425: SUSE Linux Security Advisory
SUSE: CVE-2023-28425: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/20/2023 Created 07/21/2023 Added 07/21/2023 Modified 01/28/2025 Description Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10. Solution(s) suse-upgrade-redis7 References https://attackerkb.com/topics/cve-2023-28425 CVE - 2023-28425
-
FreeBSD: VID-0D7D104C-C6FB-11ED-8A4B-080027F5FEC9 (CVE-2023-27537): curl -- multiple vulnerabilities
FreeBSD: VID-0D7D104C-C6FB-11ED-8A4B-080027F5FEC9 (CVE-2023-27537): curl -- multiple vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 03/20/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below. From VID-0D7D104C-C6FB-11ED-8A4B-080027F5FEC9: Harry Sintonen reports: CVE-2023-27533 curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the documented functionality, curl would pass on user name and telnet options to the server as provided. This could allow users to pass in carefully crafted content that passes on content or does option negotiation without the application intending to do so. In particular if an application for example allows users to provide the data or parts of the data. CVE-2023-27534 curl supports SFTP transfers. curl's SFTP implementation offers a special feature in the path component of URLs: a tilde (~) character as the first path element in the path denotes a path relative to the user's home directory. This is supported because of wording in the once proposed to-become RFC draft that was to dictate how SFTP URLs work. Due to a bug, the handling of the tilde in SFTP path did however not only replace it when it is used stand-alone as the first path element but also wrongly when used as a mere prefix in the first element. Using a path like /~2/foo when accessing a server using the user dan (with home directory /home/dan) would then quite surprisingly access the file /home/dan2/foo. This can be taken advantage of to circumvent filtering or worse.
CVE-2023-27535 libcurl would reuse a previously created FTP connection even when one or more options had been changed that could have made the effective user a very different one, thus leading to doing the second transfer with wrong credentials. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several FTP settings were left out from the configuration match checks, making them match too easily. The settings in question are CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC and CURLOPT_USE_SSL level. CVE-2023-27536 libcurl would reuse a previously created connection even when the GSS delegation (CURLOPT_GSSAPI_DELEGATION) option had been changed that could have changed the user's permissions in a second transfer. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, this GSS delegation setting was left out from the configuration match checks, making them match too easily, affecting krb5/kerberos/negotiate/GSSAPI transfers. CVE-2023-27537 libcurl supports sharing HSTS data between separate "handles". This sharing was introduced without consideration for doing this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free. CVE-2023-27538 libcurl would reuse a previously created connection even when an SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, two SSH settings were left out from the configuration match checks, making them match too easily. Solution(s) freebsd-upgrade-package-curl References CVE-2023-27537
-
FreeBSD: VID-68958E18-ED94-11ED-9688-B42E991FC52E (CVE-2023-28639): glpi -- multiple vulnerabilities
FreeBSD: VID-68958E18-ED94-11ED-9688-B42E991FC52E (CVE-2023-28639): glpi -- multiple vulnerabilities Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 03/20/2023 Created 05/17/2023 Added 05/16/2023 Modified 01/28/2025 Description GLPI is a free asset and IT management software package. Starting in version 0.85 and prior to versions 9.5.13 and 10.0.7, a malicious link can be crafted by an unauthenticated user. It will be able to exploit a reflected XSS in case any authenticated user opens the crafted link. This issue is fixed in versions 9.5.13 and 10.0.7. Solution(s) freebsd-upgrade-package-glpi References CVE-2023-28639
-
FreeBSD: VID-0D7D104C-C6FB-11ED-8A4B-080027F5FEC9 (CVE-2023-27534): curl -- multiple vulnerabilities
FreeBSD: VID-0D7D104C-C6FB-11ED-8A4B-080027F5FEC9 (CVE-2023-27534): curl -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 03/20/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below. From VID-0D7D104C-C6FB-11ED-8A4B-080027F5FEC9: Harry Sintonen reports: CVE-2023-27533 curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the documented functionality, curl would pass on user name and telnet options to the server as provided. This could allow users to pass in carefully crafted content that passes on content or does option negotiation without the application intending to do so. In particular if an application for example allows users to provide the data or parts of the data. CVE-2023-27534 curl supports SFTP transfers. curl's SFTP implementation offers a special feature in the path component of URLs: a tilde (~) character as the first path element in the path denotes a path relative to the user's home directory. This is supported because of wording in the once proposed to-become RFC draft that was to dictate how SFTP URLs work. Due to a bug, the handling of the tilde in SFTP path did however not only replace it when it is used stand-alone as the first path element but also wrongly when used as a mere prefix in the first element. Using a path like /~2/foo when accessing a server using the user dan (with home directory /home/dan) would then quite surprisingly access the file /home/dan2/foo. This can be taken advantage of to circumvent filtering or worse.
CVE-2023-27535 libcurl would reuse a previously created FTP connection even when one or more options had been changed that could have made the effective user a very different one, thus leading to doing the second transfer with wrong credentials. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several FTP settings were left out from the configuration match checks, making them match too easily. The settings in question are CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC and CURLOPT_USE_SSL level. CVE-2023-27536 libcurl would reuse a previously created connection even when the GSS delegation (CURLOPT_GSSAPI_DELEGATION) option had been changed that could have changed the user's permissions in a second transfer. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, this GSS delegation setting was left out from the configuration match checks, making them match too easily, affecting krb5/kerberos/negotiate/GSSAPI transfers. CVE-2023-27537 libcurl supports sharing HSTS data between separate "handles". This sharing was introduced without consideration for doing this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free. CVE-2023-27538 libcurl would reuse a previously created connection even when an SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, two SSH settings were left out from the configuration match checks, making them match too easily. Solution(s) freebsd-upgrade-package-curl References CVE-2023-27534 SUSE-SU-2023:0865-1
-
FreeBSD: VID-68958E18-ED94-11ED-9688-B42E991FC52E (CVE-2023-28849): glpi -- multiple vulnerabilities
FreeBSD: VID-68958E18-ED94-11ED-9688-B42E991FC52E (CVE-2023-28849): glpi -- multiple vulnerabilities Severity 5 CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:N) Published 03/20/2023 Created 05/17/2023 Added 05/16/2023 Modified 01/28/2025 Description GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.7, the GLPI inventory endpoint can be used to drive a SQL injection attack. It can also be used to store malicious code that could be used to perform an XSS attack. By default, the GLPI inventory endpoint requires no authentication. Version 10.0.7 contains a patch for this issue. As a workaround, disable native inventory. Solution(s) freebsd-upgrade-package-glpi References CVE-2023-28849
-
FreeBSD: VID-68958E18-ED94-11ED-9688-B42E991FC52E (CVE-2023-28632): glpi -- multiple vulnerabilities
FreeBSD: VID-68958E18-ED94-11ED-9688-B42E991FC52E (CVE-2023-28632): glpi -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:N) Published 03/20/2023 Created 05/17/2023 Added 05/16/2023 Modified 01/28/2025 Description GLPI is a free asset and IT management software package. Starting in version 0.83 and prior to versions 9.5.13 and 10.0.7, an authenticated user can modify emails of any user, and can therefore take over another user account through the "forgotten password" feature. By modifying emails, the user can also receive sensitive data through GLPI notifications. Versions 9.5.13 and 10.0.7 contain a patch for this issue. As a workaround, account takeover can be prevented by deactivating all notifications related to the `Forgotten password?` event. However, it will not prevent unauthorized modification of any user emails. Solution(s) freebsd-upgrade-package-glpi References CVE-2023-28632
-
Oracle Linux: CVE-2023-27534: ELSA-2023-6679: curl security update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-27534: ELSA-2023-6679: curl security update (MODERATE) (Multiple Advisories) Severity 3 CVSS (AV:N/AC:H/Au:N/C:P/I:N/A:N) Published 03/20/2023 Created 07/26/2024 Added 07/22/2024 Modified 11/22/2024 Description A path traversal vulnerability exists in the curl <8.0.0 SFTP implementation that causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user. Solution(s) oracle-linux-upgrade-curl oracle-linux-upgrade-curl-minimal oracle-linux-upgrade-libcurl oracle-linux-upgrade-libcurl-devel oracle-linux-upgrade-libcurl-minimal References https://attackerkb.com/topics/cve-2023-27534 CVE - 2023-27534 ELSA-2023-6679
-
Oracle Linux: CVE-2023-27533: ELSA-2023-6679: curl security update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-27533: ELSA-2023-6679: curl security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/20/2023 Created 07/26/2024 Added 07/22/2024 Modified 11/22/2024 Description A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol that may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system. Solution(s) oracle-linux-upgrade-curl oracle-linux-upgrade-curl-minimal oracle-linux-upgrade-libcurl oracle-linux-upgrade-libcurl-devel oracle-linux-upgrade-libcurl-minimal References https://attackerkb.com/topics/cve-2023-27533 CVE - 2023-27533 ELSA-2023-6679
-
Oracle Linux: CVE-2023-27535: ELSA-2023-3106: curl security and bug fix update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-27535: ELSA-2023-3106:curl security and bug fix update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:H/Au:N/C:C/I:N/A:N) Published 03/20/2023 Created 05/18/2023 Added 05/17/2023 Modified 12/22/2024 Description An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information. A flaw was found in the Curl package. Libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several FTP settings were left out from the configuration match checks, making them match too easily. The problematic settings are `CURLOPT_FTP_ACCOUNT`, `CURLOPT_FTP_ALTERNATIVE_TO_USER`, `CURLOPT_FTP_SSL_CCC` and `CURLOPT_USE_SSL` level. Solution(s) oracle-linux-upgrade-curl oracle-linux-upgrade-curl-minimal oracle-linux-upgrade-libcurl oracle-linux-upgrade-libcurl-devel oracle-linux-upgrade-libcurl-minimal References https://attackerkb.com/topics/cve-2023-27535 CVE - 2023-27535 ELSA-2023-3106 ELSA-2023-2650
-
Oracle Linux: CVE-2023-27538: ELSA-2023-6679: curl security update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-27538: ELSA-2023-6679:curl security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 03/20/2023 Created 07/26/2024 Added 07/22/2024 Modified 11/22/2024 Description An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection. Solution(s) oracle-linux-upgrade-curl oracle-linux-upgrade-curl-minimal oracle-linux-upgrade-libcurl oracle-linux-upgrade-libcurl-devel oracle-linux-upgrade-libcurl-minimal References https://attackerkb.com/topics/cve-2023-27538 CVE - 2023-27538 ELSA-2023-6679
-
Gentoo Linux: CVE-2023-28425: Redis: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-28425: Redis: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/20/2023 Created 08/08/2024 Added 08/08/2024 Modified 01/28/2025 Description Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10. Solution(s) gentoo-linux-upgrade-dev-db-redis References https://attackerkb.com/topics/cve-2023-28425 CVE - 2023-28425 202408-05
-
CentOS Linux: CVE-2023-25752: Important: firefox security update (Multiple Advisories)
CentOS Linux: CVE-2023-25752: Important: firefox security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 03/20/2023 Created 03/22/2023 Added 03/21/2023 Modified 01/28/2025 Description When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have led future code to be incorrect and vulnerable. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. Solution(s) centos-upgrade-firefox centos-upgrade-firefox-debuginfo centos-upgrade-thunderbird centos-upgrade-thunderbird-debuginfo References CVE-2023-25752
-
MinIO Bootstrap Verify Information Disclosure
MinIO Bootstrap Verify Information Disclosure Disclosed 03/20/2023 Created 03/11/2024 Description MinIO is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. Verified against MinIO 2023-02-27T18:10:45Z Author(s) joel <joel @ ndepthsecurity> RicterZ
-
VMware Photon OS: CVE-2023-28425
VMware Photon OS: CVE-2023-28425 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/20/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-28425 CVE - 2023-28425
-
Red Hat JBossEAP: Allocation of Resources Without Limits or Throttling (CVE-2021-46877)
Red Hat JBossEAP: Allocation of Resources Without Limits or Throttling (CVE-2021-46877) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 03/19/2023 Created 09/20/2024 Added 09/19/2024 Modified 12/20/2024 Description jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. Solution(s) red-hat-jboss-eap-upgrade-latest References https://attackerkb.com/topics/cve-2021-46877 CVE - 2021-46877 https://access.redhat.com/security/cve/CVE-2021-46877 https://bugzilla.redhat.com/show_bug.cgi?id=2185707 https://access.redhat.com/errata/RHSA-2023:4505 https://access.redhat.com/errata/RHSA-2023:4506 https://access.redhat.com/errata/RHSA-2023:4507 https://access.redhat.com/errata/RHSA-2023:4509
-
CentOS Linux: CVE-2023-28617: Important: emacs security update (Multiple Advisories)
CentOS Linux: CVE-2023-28617: Important: emacs security update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/19/2023 Created 05/05/2023 Added 04/25/2023 Modified 01/28/2025 Description org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. Solution(s) centos-upgrade-emacs centos-upgrade-emacs-common centos-upgrade-emacs-common-debuginfo centos-upgrade-emacs-debuginfo centos-upgrade-emacs-debugsource centos-upgrade-emacs-filesystem centos-upgrade-emacs-lucid centos-upgrade-emacs-lucid-debuginfo centos-upgrade-emacs-nox centos-upgrade-emacs-nox-debuginfo centos-upgrade-emacs-terminal References CVE-2023-28617
-
Oracle Linux: CVE-2023-28617: ELSA-2023-2074: emacs security update (IMPORTANT) (Multiple Advisories)
Oracle Linux: CVE-2023-28617: ELSA-2023-2074:emacs security update (IMPORTANT) (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 03/19/2023 Created 05/05/2023 Added 04/25/2023 Modified 12/05/2024 Description org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution. Solution(s) oracle-linux-upgrade-emacs oracle-linux-upgrade-emacs-common oracle-linux-upgrade-emacs-filesystem oracle-linux-upgrade-emacs-lucid oracle-linux-upgrade-emacs-nox oracle-linux-upgrade-emacs-terminal References https://attackerkb.com/topics/cve-2023-28617 CVE - 2023-28617 ELSA-2023-2074 ELSA-2023-1930
-
Amazon Linux AMI 2: CVE-2022-48425: Security patch for kernel (ALASKERNEL-5.15-2023-021)
Amazon Linux AMI 2: CVE-2022-48425: Security patch for kernel (ALASKERNEL-5.15-2023-021) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/19/2023 Created 06/30/2023 Added 06/30/2023 Modified 01/28/2025 Description In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-117-72-142 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2022-48425 AL2/ALASKERNEL-5.15-2023-021 CVE - 2022-48425
-
Amazon Linux AMI 2: CVE-2023-28617: Security patch for emacs (ALAS-2023-2012)
Amazon Linux AMI 2: CVE-2023-28617: Security patch for emacs (ALAS-2023-2012) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/19/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/28/2025 Description org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. Solution(s) amazon-linux-ami-2-upgrade-emacs amazon-linux-ami-2-upgrade-emacs-common amazon-linux-ami-2-upgrade-emacs-debuginfo amazon-linux-ami-2-upgrade-emacs-devel amazon-linux-ami-2-upgrade-emacs-filesystem amazon-linux-ami-2-upgrade-emacs-lucid amazon-linux-ami-2-upgrade-emacs-nox amazon-linux-ami-2-upgrade-emacs-terminal References https://attackerkb.com/topics/cve-2023-28617 AL2/ALAS-2023-2012 CVE - 2023-28617
-
Amazon Linux AMI 2: CVE-2022-48424: Security patch for kernel (ALASKERNEL-5.15-2023-013)
Amazon Linux AMI 2: CVE-2022-48424: Security patch for kernel (ALASKERNEL-5.15-2023-013) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/19/2023 Created 05/05/2023 Added 05/02/2023 Modified 01/28/2025 Description In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-90-54-138 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2022-48424 AL2/ALASKERNEL-5.15-2023-013 CVE - 2022-48424
-
Alma Linux: CVE-2023-28617: Important: emacs security update (Multiple Advisories)
Alma Linux: CVE-2023-28617: Important: emacs security update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/19/2023 Created 05/05/2023 Added 04/25/2023 Modified 01/28/2025 Description org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. Solution(s) alma-upgrade-emacs alma-upgrade-emacs-common alma-upgrade-emacs-filesystem alma-upgrade-emacs-lucid alma-upgrade-emacs-nox alma-upgrade-emacs-terminal References https://attackerkb.com/topics/cve-2023-28617 CVE - 2023-28617 https://errata.almalinux.org/8/ALSA-2023-1930.html https://errata.almalinux.org/9/ALSA-2023-2074.html
-
Rocky Linux: CVE-2023-28617: emacs (Multiple Advisories)
Rocky Linux: CVE-2023-28617: emacs (Multiple Advisories) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/19/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. Solution(s) rocky-upgrade-emacs rocky-upgrade-emacs-common rocky-upgrade-emacs-common-debuginfo rocky-upgrade-emacs-debuginfo rocky-upgrade-emacs-debugsource rocky-upgrade-emacs-lucid rocky-upgrade-emacs-lucid-debuginfo rocky-upgrade-emacs-nox rocky-upgrade-emacs-nox-debuginfo References https://attackerkb.com/topics/cve-2023-28617 CVE - 2023-28617 https://errata.rockylinux.org/RLSA-2023:1930 https://errata.rockylinux.org/RLSA-2023:2074
-
Debian: CVE-2022-48424: linux -- security update
Debian: CVE-2022-48424: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/19/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2022-48424 CVE - 2022-48424