ISHACK AI BOT

CentOS Linux: CVE-2023-25361: Important: webkit2gtk3 security and bug fix update (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) centos-upgrade-webkit2gtk3 centos-upgrade-webkit2gtk3-debuginfo centos-upgrade-webkit2gtk3-debugsource centos-upgrade-webkit2gtk3-devel centos-upgrade-webkit2gtk3-devel-debuginfo centos-upgrade-webkit2gtk3-jsc centos-upgrade-webkit2gtk3-jsc-debuginfo centos-upgrade-webkit2gtk3-jsc-devel centos-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2023-25361

CentOS Linux: CVE-2023-25358: Important: webkit2gtk3 security and bug fix update (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) centos-upgrade-webkit2gtk3 centos-upgrade-webkit2gtk3-debuginfo centos-upgrade-webkit2gtk3-debugsource centos-upgrade-webkit2gtk3-devel centos-upgrade-webkit2gtk3-devel-debuginfo centos-upgrade-webkit2gtk3-jsc centos-upgrade-webkit2gtk3-jsc-debuginfo centos-upgrade-webkit2gtk3-jsc-devel centos-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2023-25358

Debian: CVE-2023-25362: webkit2gtk, wpewebkit -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 03/08/2023 Added 03/07/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) debian-upgrade-webkit2gtk debian-upgrade-wpewebkit References https://attackerkb.com/topics/cve-2023-25362 CVE - 2023-25362 DLA-3124-1 DSA-5240-1 DSA-5241-1

Gentoo Linux: CVE-2023-25363: WebKitGTK+: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) gentoo-linux-upgrade-net-libs-webkit-gtk References https://attackerkb.com/topics/cve-2023-25363 CVE - 2023-25363 202305-32

Red Hat: CVE-2023-25362: repaintBlockSelectionGaps() (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2023-25362 RHSA-2023:2256 RHSA-2023:2834

Red Hat: CVE-2023-1118: kernel: use-after-free in drivers/media/rc/ene_ir.c due to race condition (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/02/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-1118 RHSA-2023:6901 RHSA-2023:7077 RHSA-2024:1653 RHSA-2024:3810

Huawei EulerOS: CVE-2023-1118: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/02/2023 Created 07/05/2023 Added 07/05/2023 Modified 01/28/2025 Description A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-1118 CVE - 2023-1118 EulerOS-SA-2023-2296

Alpine Linux: CVE-2023-26053: Inclusion of Functionality from Untrusted Control Sphere Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Gradle is a build tool with a focus on build automation and support for multi-language development. This is a collision attack on long IDs (64bits) for PGP keys. Users of dependency verification in Gradle are vulnerable if they use long IDs for PGP keys in a `trusted-key` or `pgp` element in their dependency verification metadata file. The fix is to fail dependency verification if anything but a fingerprint is used in a trust element in dependency verification metadata. The problem is fixed in Gradle 8.0 and above. The problem is also patched in Gradle 6.9.4 and 7.6.1. As a workaround, use only full fingerprint IDs for `trusted-key` or `pgp` element in the metadata is a protection against this issue. Solution(s) alpine-linux-upgrade-gradle References https://attackerkb.com/topics/cve-2023-26053 CVE - 2023-26053 https://security.alpinelinux.org/vuln/CVE-2023-26053

Huawei EulerOS: CVE-2023-1118: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/02/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. Solution(s) huawei-euleros-2_0_sp5-upgrade-kernel huawei-euleros-2_0_sp5-upgrade-kernel-devel huawei-euleros-2_0_sp5-upgrade-kernel-headers huawei-euleros-2_0_sp5-upgrade-kernel-tools huawei-euleros-2_0_sp5-upgrade-kernel-tools-libs huawei-euleros-2_0_sp5-upgrade-perf huawei-euleros-2_0_sp5-upgrade-python-perf References https://attackerkb.com/topics/cve-2023-1118 CVE - 2023-1118 EulerOS-SA-2023-2152

Debian: CVE-2023-25155: redis -- security update Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 03/02/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9. Solution(s) debian-upgrade-redis References https://attackerkb.com/topics/cve-2023-25155 CVE - 2023-25155 DLA-3885-1

Debian: CVE-2023-25358: webkit2gtk, wpewebkit -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 03/08/2023 Added 03/07/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) debian-upgrade-webkit2gtk debian-upgrade-wpewebkit References https://attackerkb.com/topics/cve-2023-25358 CVE - 2023-25358 DLA-3124-1 DSA-5240-1 DSA-5241-1

Debian: CVE-2023-25361: webkit2gtk, wpewebkit -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 03/08/2023 Added 03/07/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) debian-upgrade-webkit2gtk debian-upgrade-wpewebkit References https://attackerkb.com/topics/cve-2023-25361 CVE - 2023-25361 DLA-3124-1 DSA-5240-1 DSA-5241-1

Gentoo Linux: CVE-2022-47664: libde265: Multiple Vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/03/2023 Created 08/13/2024 Added 08/12/2024 Modified 01/28/2025 Description Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse Solution(s) gentoo-linux-upgrade-media-libs-libde265 References https://attackerkb.com/topics/cve-2022-47664 CVE - 2022-47664 202408-20

Huawei EulerOS: CVE-2023-27561: docker-runc security update Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 03/03/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. Solution(s) huawei-euleros-2_0_sp11-upgrade-docker-runc References https://attackerkb.com/topics/cve-2023-27561 CVE - 2023-27561 EulerOS-SA-2023-2680

Alma Linux: CVE-2022-41862: Moderate: postgresql:13 security update (Multiple Advisories) Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 03/03/2023 Created 05/05/2023 Added 04/06/2023 Modified 01/28/2025 Description In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes. Solution(s) alma-upgrade-libpq alma-upgrade-libpq-devel alma-upgrade-pg_repack alma-upgrade-pgaudit alma-upgrade-postgres-decoderbufs alma-upgrade-postgresql alma-upgrade-postgresql-contrib alma-upgrade-postgresql-docs alma-upgrade-postgresql-plperl alma-upgrade-postgresql-plpython3 alma-upgrade-postgresql-pltcl alma-upgrade-postgresql-private-devel alma-upgrade-postgresql-private-libs alma-upgrade-postgresql-server alma-upgrade-postgresql-server-devel alma-upgrade-postgresql-static alma-upgrade-postgresql-test alma-upgrade-postgresql-test-rpm-macros alma-upgrade-postgresql-upgrade alma-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2022-41862 CVE - 2022-41862 https://errata.almalinux.org/8/ALSA-2023-1576.html https://errata.almalinux.org/8/ALSA-2023-4535.html https://errata.almalinux.org/8/ALSA-2023-7016.html https://errata.almalinux.org/9/ALSA-2023-1693.html https://errata.almalinux.org/9/ALSA-2023-6429.html

Ubuntu: (CVE-2022-4645): tiff vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/03/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. Solution(s) ubuntu-pro-upgrade-tiff References https://attackerkb.com/topics/cve-2022-4645 CVE - 2022-4645 https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4645.json https://www.cve.org/CVERecord?id=CVE-2022-4645

Rocky Linux: CVE-2022-41862: postgresql-12 (Multiple Advisories) Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 03/03/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes. Solution(s) rocky-upgrade-pg_repack rocky-upgrade-pg_repack-debuginfo rocky-upgrade-pg_repack-debugsource rocky-upgrade-pgaudit rocky-upgrade-pgaudit-debuginfo rocky-upgrade-pgaudit-debugsource rocky-upgrade-postgres-decoderbufs rocky-upgrade-postgres-decoderbufs-debuginfo rocky-upgrade-postgres-decoderbufs-debugsource rocky-upgrade-postgresql rocky-upgrade-postgresql-contrib rocky-upgrade-postgresql-contrib-debuginfo rocky-upgrade-postgresql-debuginfo rocky-upgrade-postgresql-debugsource rocky-upgrade-postgresql-docs rocky-upgrade-postgresql-docs-debuginfo rocky-upgrade-postgresql-plperl rocky-upgrade-postgresql-plperl-debuginfo rocky-upgrade-postgresql-plpython3 rocky-upgrade-postgresql-plpython3-debuginfo rocky-upgrade-postgresql-pltcl rocky-upgrade-postgresql-pltcl-debuginfo rocky-upgrade-postgresql-server rocky-upgrade-postgresql-server-debuginfo rocky-upgrade-postgresql-server-devel rocky-upgrade-postgresql-server-devel-debuginfo rocky-upgrade-postgresql-static rocky-upgrade-postgresql-test rocky-upgrade-postgresql-test-debuginfo rocky-upgrade-postgresql-upgrade rocky-upgrade-postgresql-upgrade-debuginfo rocky-upgrade-postgresql-upgrade-devel rocky-upgrade-postgresql-upgrade-devel-debuginfo References https://attackerkb.com/topics/cve-2022-41862 CVE - 2022-41862 https://errata.rockylinux.org/RLSA-2023:1576 https://errata.rockylinux.org/RLSA-2023:4535

Huawei EulerOS: CVE-2023-26604: systemd security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/03/2023 Created 05/10/2023 Added 05/09/2023 Modified 01/30/2025 Description systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. Solution(s) huawei-euleros-2_0_sp10-upgrade-systemd huawei-euleros-2_0_sp10-upgrade-systemd-container huawei-euleros-2_0_sp10-upgrade-systemd-libs huawei-euleros-2_0_sp10-upgrade-systemd-networkd huawei-euleros-2_0_sp10-upgrade-systemd-nspawn huawei-euleros-2_0_sp10-upgrade-systemd-pam huawei-euleros-2_0_sp10-upgrade-systemd-resolved huawei-euleros-2_0_sp10-upgrade-systemd-timesyncd huawei-euleros-2_0_sp10-upgrade-systemd-udev huawei-euleros-2_0_sp10-upgrade-systemd-udev-compat References https://attackerkb.com/topics/cve-2023-26604 CVE - 2023-26604 EulerOS-SA-2023-1832

Oracle Linux: CVE-2023-26604: ELSA-2024-7705:systemd security update (MODERATE) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 03/03/2023 Created 07/25/2023 Added 07/21/2023 Modified 12/06/2024 Description systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. A vulnerability was found in the systemd package. The systemd package does not adequately block local privilege escalation for some Sudo configurations, for example, plausible sudoers files, in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This issue presents a substantial security risk when running systemctl from Sudo because less executes as root when the terminal size is too small to show the complete systemctl output. Solution(s) oracle-linux-upgrade-libgudev1 oracle-linux-upgrade-libgudev1-devel oracle-linux-upgrade-systemd oracle-linux-upgrade-systemd-devel oracle-linux-upgrade-systemd-journal-gateway oracle-linux-upgrade-systemd-libs oracle-linux-upgrade-systemd-networkd oracle-linux-upgrade-systemd-python oracle-linux-upgrade-systemd-resolved oracle-linux-upgrade-systemd-sysv References https://attackerkb.com/topics/cve-2023-26604 CVE - 2023-26604 ELSA-2024-7705 ELSA-2023-3837

Huawei EulerOS: CVE-2023-27561: docker-runc security update Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 03/03/2023 Created 05/10/2023 Added 05/09/2023 Modified 01/28/2025 Description runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. Solution(s) huawei-euleros-2_0_sp10-upgrade-docker-runc References https://attackerkb.com/topics/cve-2023-27561 CVE - 2023-27561 EulerOS-SA-2023-1818

VMware Photon OS: CVE-2023-25155 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/02/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-25155 CVE - 2023-25155

Debian: CVE-2022-4645: tiff -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/03/2023 Created 03/07/2023 Added 03/06/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. Solution(s) debian-upgrade-tiff References https://attackerkb.com/topics/cve-2022-4645 CVE - 2022-4645 DSA-5333-1

Gentoo Linux: CVE-2023-25358: WebKitGTK+: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) gentoo-linux-upgrade-net-libs-webkit-gtk References https://attackerkb.com/topics/cve-2023-25358 CVE - 2023-25358 202305-32

FreeBSD: VID-F7C5B3A9-B9FB-11ED-99C6-001B217B3468 (CVE-2022-3381): Gitlab -- Multiple Vulnerabilities Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 03/02/2023 Created 03/07/2023 Added 03/05/2023 Modified 01/28/2025 Description Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below. From VID-F7C5B3A9-B9FB-11ED-99C6-001B217B3468: Gitlab reports: Stored XSS via Kroki diagram Prometheus integration Google IAP details are not hidden, may leak account details from instance/group/project settings Improper validation of SSO and SCIM tokens while managing groups Maintainer can leak Datadog API key by changing Datadog site Clipboard based XSS in the title field of work items Improper user right checks for personal snippets Release Description visible in public projects despite release set as project members only Group integration settings sensitive information exposed to project maintainers Improve pagination limits for commits Gitlab Open Redirect Vulnerability Maintainer may become an Owner of a project Solution(s) freebsd-upgrade-package-gitlab-ce References CVE-2022-3381

CentOS Linux: CVE-2023-25360: Important: webkit2gtk3 security and bug fix update (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/02/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Solution(s) centos-upgrade-webkit2gtk3 centos-upgrade-webkit2gtk3-debuginfo centos-upgrade-webkit2gtk3-debugsource centos-upgrade-webkit2gtk3-devel centos-upgrade-webkit2gtk3-devel-debuginfo centos-upgrade-webkit2gtk3-jsc centos-upgrade-webkit2gtk3-jsc-debuginfo centos-upgrade-webkit2gtk3-jsc-devel centos-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2023-25360