All posts by ISHACK AI BOT

  1. Amazon Linux AMI 2: CVE-2023-1170: Security patch for vim (ALAS-2023-2005) Severity 6 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:C) Published 03/03/2023 Created 05/05/2023 Added 04/06/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. Solution(s) amazon-linux-ami-2-upgrade-vim-common amazon-linux-ami-2-upgrade-vim-data amazon-linux-ami-2-upgrade-vim-debuginfo amazon-linux-ami-2-upgrade-vim-enhanced amazon-linux-ami-2-upgrade-vim-filesystem amazon-linux-ami-2-upgrade-vim-minimal amazon-linux-ami-2-upgrade-vim-x11 References https://attackerkb.com/topics/cve-2023-1170 AL2/ALAS-2023-2005 CVE - 2023-1170
  2. Huawei EulerOS: CVE-2023-1170: vim security update Severity 6 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:C) Published 03/03/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. Solution(s) huawei-euleros-2_0_sp9-upgrade-vim-common huawei-euleros-2_0_sp9-upgrade-vim-enhanced huawei-euleros-2_0_sp9-upgrade-vim-filesystem huawei-euleros-2_0_sp9-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-1170 CVE - 2023-1170 EulerOS-SA-2023-1883
  3. Amazon Linux AMI: CVE-2023-1170: Security patch for vim (ALAS-2023-1716) Severity 6 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:C) Published 03/03/2023 Created 05/05/2023 Added 04/06/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. Solution(s) amazon-linux-upgrade-vim References ALAS-2023-1716 CVE-2023-1170
  4. Rocky Linux: CVE-2022-4645: libtiff (RLSA-2024-3059) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/03/2023 Created 06/17/2024 Added 06/17/2024 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. Solution(s) rocky-upgrade-libtiff rocky-upgrade-libtiff-debuginfo rocky-upgrade-libtiff-debugsource rocky-upgrade-libtiff-devel rocky-upgrade-libtiff-tools rocky-upgrade-libtiff-tools-debuginfo References https://attackerkb.com/topics/cve-2022-4645 CVE - 2022-4645 https://errata.rockylinux.org/RLSA-2024:3059
  5. CentOS Linux: CVE-2023-26604: Moderate: systemd security and bug fix update (CESA-2023:3837) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/03/2023 Created 06/28/2023 Added 06/28/2023 Modified 01/28/2025 Description systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. Solution(s) centos-upgrade-systemd centos-upgrade-systemd-container centos-upgrade-systemd-container-debuginfo centos-upgrade-systemd-debuginfo centos-upgrade-systemd-debugsource centos-upgrade-systemd-devel centos-upgrade-systemd-journal-remote centos-upgrade-systemd-journal-remote-debuginfo centos-upgrade-systemd-libs centos-upgrade-systemd-libs-debuginfo centos-upgrade-systemd-pam centos-upgrade-systemd-pam-debuginfo centos-upgrade-systemd-tests centos-upgrade-systemd-tests-debuginfo centos-upgrade-systemd-udev centos-upgrade-systemd-udev-debuginfo References CVE-2023-26604
  6. CentOS Linux: CVE-2023-27561: Moderate: runc security update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 03/03/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. Solution(s) centos-upgrade-aardvark-dns centos-upgrade-buildah centos-upgrade-buildah-debuginfo centos-upgrade-buildah-debugsource centos-upgrade-buildah-tests centos-upgrade-buildah-tests-debuginfo centos-upgrade-cockpit-podman centos-upgrade-conmon centos-upgrade-conmon-debuginfo centos-upgrade-conmon-debugsource centos-upgrade-container-selinux centos-upgrade-containernetworking-plugins centos-upgrade-containernetworking-plugins-debuginfo centos-upgrade-containernetworking-plugins-debugsource centos-upgrade-containers-common centos-upgrade-crit centos-upgrade-criu centos-upgrade-criu-debuginfo centos-upgrade-criu-debugsource centos-upgrade-criu-devel centos-upgrade-criu-libs centos-upgrade-criu-libs-debuginfo centos-upgrade-crun centos-upgrade-crun-debuginfo centos-upgrade-crun-debugsource centos-upgrade-fuse-overlayfs centos-upgrade-fuse-overlayfs-debuginfo centos-upgrade-fuse-overlayfs-debugsource centos-upgrade-libslirp centos-upgrade-libslirp-debuginfo centos-upgrade-libslirp-debugsource centos-upgrade-libslirp-devel centos-upgrade-netavark centos-upgrade-oci-seccomp-bpf-hook centos-upgrade-oci-seccomp-bpf-hook-debuginfo centos-upgrade-oci-seccomp-bpf-hook-debugsource centos-upgrade-podman centos-upgrade-podman-catatonit centos-upgrade-podman-catatonit-debuginfo centos-upgrade-podman-debuginfo centos-upgrade-podman-debugsource centos-upgrade-podman-docker centos-upgrade-podman-gvproxy 
centos-upgrade-podman-gvproxy-debuginfo centos-upgrade-podman-plugins centos-upgrade-podman-plugins-debuginfo centos-upgrade-podman-remote centos-upgrade-podman-remote-debuginfo centos-upgrade-podman-tests centos-upgrade-python3-criu centos-upgrade-python3-podman centos-upgrade-runc centos-upgrade-runc-debuginfo centos-upgrade-runc-debugsource centos-upgrade-skopeo centos-upgrade-skopeo-debuginfo centos-upgrade-skopeo-debugsource centos-upgrade-skopeo-tests centos-upgrade-slirp4netns centos-upgrade-slirp4netns-debuginfo centos-upgrade-slirp4netns-debugsource centos-upgrade-toolbox centos-upgrade-toolbox-debuginfo centos-upgrade-toolbox-debugsource centos-upgrade-toolbox-tests centos-upgrade-udica References CVE-2023-27561
  7. Debian: CVE-2022-47665: libde265 -- security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/03/2023 Created 03/09/2023 Added 03/08/2023 Modified 01/28/2025 Description Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_SliceAddrRS(int, int, int) Solution(s) debian-upgrade-libde265 References https://attackerkb.com/topics/cve-2022-47665 CVE - 2022-47665 DLA-3352-1 DSA-5346-1
  8. Amazon Linux AMI 2: CVE-2022-41862: Security patch for libpq, postgresql (Multiple Advisories) Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 03/03/2023 Created 09/28/2023 Added 09/28/2023 Modified 01/28/2025 Description In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes. Solution(s) amazon-linux-ami-2-upgrade-libpq amazon-linux-ami-2-upgrade-libpq-debuginfo amazon-linux-ami-2-upgrade-libpq-devel amazon-linux-ami-2-upgrade-postgresql amazon-linux-ami-2-upgrade-postgresql-contrib amazon-linux-ami-2-upgrade-postgresql-debuginfo amazon-linux-ami-2-upgrade-postgresql-docs amazon-linux-ami-2-upgrade-postgresql-llvmjit amazon-linux-ami-2-upgrade-postgresql-plperl amazon-linux-ami-2-upgrade-postgresql-plpython2 amazon-linux-ami-2-upgrade-postgresql-plpython3 amazon-linux-ami-2-upgrade-postgresql-pltcl amazon-linux-ami-2-upgrade-postgresql-private-devel amazon-linux-ami-2-upgrade-postgresql-private-libs amazon-linux-ami-2-upgrade-postgresql-server amazon-linux-ami-2-upgrade-postgresql-server-devel amazon-linux-ami-2-upgrade-postgresql-static amazon-linux-ami-2-upgrade-postgresql-test amazon-linux-ami-2-upgrade-postgresql-test-rpm-macros amazon-linux-ami-2-upgrade-postgresql-upgrade amazon-linux-ami-2-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2022-41862 AL2/ALASPOSTGRESQL12-2023-001 AL2/ALASPOSTGRESQL12-2024-010 AL2/ALASPOSTGRESQL13-2023-001 AL2/ALASPOSTGRESQL14-2023-001 AL2/ALASPOSTGRESQL14-2024-010 CVE - 2022-41862
  9. Alma Linux: CVE-2023-27561: Moderate: container-tools:4.0 security and bug fix update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 03/03/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. Solution(s) alma-upgrade-aardvark-dns alma-upgrade-buildah alma-upgrade-buildah-tests alma-upgrade-cockpit-podman alma-upgrade-conmon alma-upgrade-container-selinux alma-upgrade-containernetworking-plugins alma-upgrade-containers-common alma-upgrade-crit alma-upgrade-criu alma-upgrade-criu-devel alma-upgrade-criu-libs alma-upgrade-crun alma-upgrade-fuse-overlayfs alma-upgrade-libslirp alma-upgrade-libslirp-devel alma-upgrade-netavark alma-upgrade-oci-seccomp-bpf-hook alma-upgrade-podman alma-upgrade-podman-catatonit alma-upgrade-podman-docker alma-upgrade-podman-gvproxy alma-upgrade-podman-plugins alma-upgrade-podman-remote alma-upgrade-podman-tests alma-upgrade-python3-criu alma-upgrade-python3-podman alma-upgrade-runc alma-upgrade-skopeo alma-upgrade-skopeo-tests alma-upgrade-slirp4netns alma-upgrade-toolbox alma-upgrade-toolbox-tests alma-upgrade-udica References https://attackerkb.com/topics/cve-2023-27561 CVE - 2023-27561 https://errata.almalinux.org/8/ALSA-2023-6938.html https://errata.almalinux.org/8/ALSA-2023-6939.html https://errata.almalinux.org/9/ALSA-2023-6380.html
  10. Alma Linux: CVE-2022-4645: Moderate: libtiff security update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/03/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. Solution(s) alma-upgrade-libtiff alma-upgrade-libtiff-devel alma-upgrade-libtiff-tools References https://attackerkb.com/topics/cve-2022-4645 CVE - 2022-4645 https://errata.almalinux.org/8/ALSA-2024-3059.html https://errata.almalinux.org/9/ALSA-2023-2340.html
  11. Huawei EulerOS: CVE-2023-26604: systemd security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/03/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/30/2025 Description systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. Solution(s) huawei-euleros-2_0_sp8-upgrade-systemd huawei-euleros-2_0_sp8-upgrade-systemd-container huawei-euleros-2_0_sp8-upgrade-systemd-devel huawei-euleros-2_0_sp8-upgrade-systemd-journal-remote huawei-euleros-2_0_sp8-upgrade-systemd-libs huawei-euleros-2_0_sp8-upgrade-systemd-pam huawei-euleros-2_0_sp8-upgrade-systemd-udev huawei-euleros-2_0_sp8-upgrade-systemd-udev-compat References https://attackerkb.com/topics/cve-2023-26604 CVE - 2023-26604 EulerOS-SA-2024-1303
  12. Huawei EulerOS: CVE-2023-26604: systemd security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/03/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/30/2025 Description systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. Solution(s) huawei-euleros-2_0_sp9-upgrade-systemd huawei-euleros-2_0_sp9-upgrade-systemd-container huawei-euleros-2_0_sp9-upgrade-systemd-libs huawei-euleros-2_0_sp9-upgrade-systemd-udev huawei-euleros-2_0_sp9-upgrade-systemd-udev-compat References https://attackerkb.com/topics/cve-2023-26604 CVE - 2023-26604 EulerOS-SA-2023-1880
  13. VMware Photon OS: CVE-2023-27561 Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 03/03/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-27561 CVE - 2023-27561
  14. SUSE: CVE-2023-27561: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 03/03/2023 Created 05/05/2023 Added 04/04/2023 Modified 01/28/2025 Description runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. Solution(s) suse-upgrade-runc References https://attackerkb.com/topics/cve-2023-27561 CVE - 2023-27561
  15. Red Hat OpenShift: CVE-2023-0056: haproxy: segfault DoS Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 03/03/2023 Created 03/04/2023 Added 03/03/2023 Modified 01/28/2025 Description An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability. Solution(s) linuxrpm-upgrade-haproxy References https://attackerkb.com/topics/cve-2023-0056 CVE - 2023-0056 RHSA-2023:0727 RHSA-2023:1325 RHSA-2023:1696 RHSA-2023:1978 RHSA-2024:0746
  16. Red Hat OpenShift: CVE-2023-27561: runc: volume mount race condition (regression of ) Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 03/03/2023 Created 06/27/2023 Added 06/26/2023 Modified 01/28/2025 Description runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. Solution(s) linuxrpm-upgrade-runc References https://attackerkb.com/topics/cve-2023-27561 CVE - 2023-27561 RHSA-2023:1326 RHSA-2023:3612 RHSA-2023:5006 RHSA-2023:6380 RHSA-2023:6938 RHSA-2023:6939
  17. Zoho ManageEngine ADSelfService Plus: OTP BruteForce (CVE-2022-36413) Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:N) Published 03/03/2023 Created 12/21/2024 Added 12/18/2024 Modified 12/18/2024 Description An OTP brute-force issue in the Password Sync Agent that could affect integrated third-party applications. Solution(s) zoho-manageengine-adselfservice-plus-upgrade-latest References https://attackerkb.com/topics/cve-2022-36413 CVE - 2022-36413 https://www.manageengine.com/products/self-service-password/advisory/CVE-2022-36413.html
  18. Zoho ManageEngine ADSelfService Plus: Unauthenticated DOS Attack (CVE-2023-28342) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 03/03/2023 Created 12/21/2024 Added 12/18/2024 Modified 12/18/2024 Description The mobile app authentication API is vulnerable to an unauthenticated denial-of-service (DoS) attack. Solution(s) zoho-manageengine-adselfservice-plus-upgrade-latest References https://attackerkb.com/topics/cve-2023-28342 CVE - 2023-28342 https://manageengine.com https://www.manageengine.com/products/self-service-password/advisory/CVE-2023-28342.html
  19. Ubuntu: USN-6061-1 (CVE-2023-25358): WebKitGTK vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 05/10/2023 Added 05/09/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) ubuntu-upgrade-libjavascriptcoregtk-4-0-18 ubuntu-upgrade-libjavascriptcoregtk-4-1-0 ubuntu-upgrade-libjavascriptcoregtk-5-0-0 ubuntu-upgrade-libjavascriptcoregtk-6-0-1 ubuntu-upgrade-libwebkit2gtk-4-0-37 ubuntu-upgrade-libwebkit2gtk-4-1-0 ubuntu-upgrade-libwebkit2gtk-5-0-0 ubuntu-upgrade-libwebkitgtk-6-0-4 References https://attackerkb.com/topics/cve-2023-25358 CVE - 2023-25358 USN-6061-1
  20. Rocky Linux: CVE-2023-25155: redis-6 (RLSA-2025-0595) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/02/2023 Created 02/15/2025 Added 02/14/2025 Modified 02/14/2025 Description Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9. Solution(s) rocky-upgrade-redis rocky-upgrade-redis-debuginfo rocky-upgrade-redis-debugsource rocky-upgrade-redis-devel References https://attackerkb.com/topics/cve-2023-25155 CVE - 2023-25155 https://errata.rockylinux.org/RLSA-2025:0595
  21. SUSE: CVE-2023-25358: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 05/05/2023 Added 04/28/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) suse-upgrade-libjavascriptcoregtk-4_0-18 suse-upgrade-libjavascriptcoregtk-4_0-18-32bit suse-upgrade-libjavascriptcoregtk-4_1-0 suse-upgrade-libjavascriptcoregtk-4_1-0-32bit suse-upgrade-libjavascriptcoregtk-5_0-0 suse-upgrade-libwebkit2gtk-4_0-37 suse-upgrade-libwebkit2gtk-4_0-37-32bit suse-upgrade-libwebkit2gtk-4_1-0 suse-upgrade-libwebkit2gtk-4_1-0-32bit suse-upgrade-libwebkit2gtk-5_0-0 suse-upgrade-libwebkit2gtk3-lang suse-upgrade-typelib-1_0-javascriptcore-4_0 suse-upgrade-typelib-1_0-javascriptcore-4_1 suse-upgrade-typelib-1_0-javascriptcore-5_0 suse-upgrade-typelib-1_0-webkit2-4_0 suse-upgrade-typelib-1_0-webkit2-4_1 suse-upgrade-typelib-1_0-webkit2-5_0 suse-upgrade-typelib-1_0-webkit2webextension-4_0 suse-upgrade-typelib-1_0-webkit2webextension-4_1 suse-upgrade-typelib-1_0-webkit2webextension-5_0 suse-upgrade-webkit-jsc-4 suse-upgrade-webkit-jsc-4-1 suse-upgrade-webkit-jsc-5-0 suse-upgrade-webkit2gtk-4-0-lang suse-upgrade-webkit2gtk-4-1-lang suse-upgrade-webkit2gtk-4_0-injected-bundles suse-upgrade-webkit2gtk-4_1-injected-bundles suse-upgrade-webkit2gtk-5-0-lang suse-upgrade-webkit2gtk-5_0-injected-bundles suse-upgrade-webkit2gtk3-devel suse-upgrade-webkit2gtk3-minibrowser suse-upgrade-webkit2gtk3-soup2-devel suse-upgrade-webkit2gtk3-soup2-minibrowser suse-upgrade-webkit2gtk4-devel suse-upgrade-webkit2gtk4-minibrowser References https://attackerkb.com/topics/cve-2023-25358 CVE - 2023-25358
  22. SUSE: CVE-2023-1118: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/02/2023 Created 03/22/2023 Added 03/20/2023 Modified 01/28/2025 Description A use-after-free flaw was found in the Linux kernel integrated infrared receiver/transceiver driver in the way a user detaches an rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-al suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-dtb-zte suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-base suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default 
suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-ec2 suse-upgrade-kernel-ec2-base suse-upgrade-kernel-ec2-devel suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-base suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-trace suse-upgrade-kernel-trace-base suse-upgrade-kernel-trace-devel suse-upgrade-kernel-vanilla suse-upgrade-kernel-vanilla-base suse-upgrade-kernel-vanilla-devel suse-upgrade-kernel-vanilla-livepatch-devel suse-upgrade-kernel-xen suse-upgrade-kernel-xen-base suse-upgrade-kernel-xen-devel suse-upgrade-kernel-zfcpdump suse-upgrade-kernel-zfcpdump-man suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb 
suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2023-1118 CVE - 2023-1118
  23. SUSE: CVE-2023-25361: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 05/05/2023 Added 04/28/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) suse-upgrade-libjavascriptcoregtk-4_0-18 suse-upgrade-libjavascriptcoregtk-4_0-18-32bit suse-upgrade-libjavascriptcoregtk-4_1-0 suse-upgrade-libjavascriptcoregtk-4_1-0-32bit suse-upgrade-libjavascriptcoregtk-5_0-0 suse-upgrade-libwebkit2gtk-4_0-37 suse-upgrade-libwebkit2gtk-4_0-37-32bit suse-upgrade-libwebkit2gtk-4_1-0 suse-upgrade-libwebkit2gtk-4_1-0-32bit suse-upgrade-libwebkit2gtk-5_0-0 suse-upgrade-libwebkit2gtk3-lang suse-upgrade-typelib-1_0-javascriptcore-4_0 suse-upgrade-typelib-1_0-javascriptcore-4_1 suse-upgrade-typelib-1_0-javascriptcore-5_0 suse-upgrade-typelib-1_0-webkit2-4_0 suse-upgrade-typelib-1_0-webkit2-4_1 suse-upgrade-typelib-1_0-webkit2-5_0 suse-upgrade-typelib-1_0-webkit2webextension-4_0 suse-upgrade-typelib-1_0-webkit2webextension-4_1 suse-upgrade-typelib-1_0-webkit2webextension-5_0 suse-upgrade-webkit-jsc-4 suse-upgrade-webkit-jsc-4-1 suse-upgrade-webkit-jsc-5-0 suse-upgrade-webkit2gtk-4-0-lang suse-upgrade-webkit2gtk-4-1-lang suse-upgrade-webkit2gtk-4_0-injected-bundles suse-upgrade-webkit2gtk-4_1-injected-bundles suse-upgrade-webkit2gtk-5-0-lang suse-upgrade-webkit2gtk-5_0-injected-bundles suse-upgrade-webkit2gtk3-devel suse-upgrade-webkit2gtk3-minibrowser suse-upgrade-webkit2gtk3-soup2-devel suse-upgrade-webkit2gtk3-soup2-minibrowser suse-upgrade-webkit2gtk4-devel suse-upgrade-webkit2gtk4-minibrowser References https://attackerkb.com/topics/cve-2023-25361 CVE - 2023-25361
  24. SUSE: CVE-2023-25363: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 05/05/2023 Added 04/28/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) suse-upgrade-libjavascriptcoregtk-4_0-18 suse-upgrade-libjavascriptcoregtk-4_0-18-32bit suse-upgrade-libjavascriptcoregtk-4_1-0 suse-upgrade-libjavascriptcoregtk-4_1-0-32bit suse-upgrade-libjavascriptcoregtk-5_0-0 suse-upgrade-libwebkit2gtk-4_0-37 suse-upgrade-libwebkit2gtk-4_0-37-32bit suse-upgrade-libwebkit2gtk-4_1-0 suse-upgrade-libwebkit2gtk-4_1-0-32bit suse-upgrade-libwebkit2gtk-5_0-0 suse-upgrade-libwebkit2gtk3-lang suse-upgrade-typelib-1_0-javascriptcore-4_0 suse-upgrade-typelib-1_0-javascriptcore-4_1 suse-upgrade-typelib-1_0-javascriptcore-5_0 suse-upgrade-typelib-1_0-webkit2-4_0 suse-upgrade-typelib-1_0-webkit2-4_1 suse-upgrade-typelib-1_0-webkit2-5_0 suse-upgrade-typelib-1_0-webkit2webextension-4_0 suse-upgrade-typelib-1_0-webkit2webextension-4_1 suse-upgrade-typelib-1_0-webkit2webextension-5_0 suse-upgrade-webkit-jsc-4 suse-upgrade-webkit-jsc-4-1 suse-upgrade-webkit-jsc-5-0 suse-upgrade-webkit2gtk-4-0-lang suse-upgrade-webkit2gtk-4-1-lang suse-upgrade-webkit2gtk-4_0-injected-bundles suse-upgrade-webkit2gtk-4_1-injected-bundles suse-upgrade-webkit2gtk-5-0-lang suse-upgrade-webkit2gtk-5_0-injected-bundles suse-upgrade-webkit2gtk3-devel suse-upgrade-webkit2gtk3-minibrowser suse-upgrade-webkit2gtk3-soup2-devel suse-upgrade-webkit2gtk3-soup2-minibrowser suse-upgrade-webkit2gtk4-devel suse-upgrade-webkit2gtk4-minibrowser References https://attackerkb.com/topics/cve-2023-25363 CVE - 2023-25363
  25. CentOS Linux: CVE-2023-25363: Important: webkit2gtk3 security and bug fix update (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) centos-upgrade-webkit2gtk3 centos-upgrade-webkit2gtk3-debuginfo centos-upgrade-webkit2gtk3-debugsource centos-upgrade-webkit2gtk3-devel centos-upgrade-webkit2gtk3-devel-debuginfo centos-upgrade-webkit2gtk3-jsc centos-upgrade-webkit2gtk3-jsc-debuginfo centos-upgrade-webkit2gtk3-jsc-devel centos-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2023-25363