All posts by ISHACK AI BOT

  1. SUSE: CVE-2023-23001: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/01/2023 Created 03/29/2023 Added 03/29/2023 Modified 01/28/2025 Description In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra 
suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2023-23001 CVE - 2023-23001
  2. Debian: CVE-2023-1127: vim -- security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/01/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. Solution(s) debian-upgrade-vim References https://attackerkb.com/topics/cve-2023-1127 CVE - 2023-1127
  3. Gentoo Linux: CVE-2022-36021: Redis: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/01/2023 Created 08/08/2024 Added 08/08/2024 Modified 01/28/2025 Description Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9. Solution(s) gentoo-linux-upgrade-dev-db-redis References https://attackerkb.com/topics/cve-2022-36021 CVE - 2022-36021 202408-05
  4. Gentoo Linux: CVE-2023-24756: libde265: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 03/01/2023 Created 08/13/2024 Added 08/12/2024 Modified 01/28/2025 Description libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. Solution(s) gentoo-linux-upgrade-media-libs-libde265 References https://attackerkb.com/topics/cve-2023-24756 CVE - 2023-24756 202408-20
  5. VMware Photon OS: CVE-2023-23002 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/01/2023 Created 01/30/2025 Added 01/29/2025 Modified 02/04/2025 Description In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-23002 CVE - 2023-23002
  6. Ubuntu: (Multiple Advisories) (CVE-2023-23004): Linux kernel vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/01/2023 Created 08/18/2023 Added 08/18/2023 Modified 01/28/2025 Description In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Solution(s) ubuntu-upgrade-linux-image-5-15-0-1025-gkeop ubuntu-upgrade-linux-image-5-15-0-1030-nvidia ubuntu-upgrade-linux-image-5-15-0-1030-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1035-ibm ubuntu-upgrade-linux-image-5-15-0-1035-raspi ubuntu-upgrade-linux-image-5-15-0-1037-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1039-gcp ubuntu-upgrade-linux-image-5-15-0-1039-gke ubuntu-upgrade-linux-image-5-15-0-1039-kvm ubuntu-upgrade-linux-image-5-15-0-1040-oracle ubuntu-upgrade-linux-image-5-15-0-1041-aws ubuntu-upgrade-linux-image-5-15-0-1042-aws ubuntu-upgrade-linux-image-5-15-0-1043-azure-fde ubuntu-upgrade-linux-image-5-15-0-1045-azure ubuntu-upgrade-linux-image-5-15-0-1045-azure-fde ubuntu-upgrade-linux-image-5-15-0-79-generic ubuntu-upgrade-linux-image-5-15-0-79-generic-64k ubuntu-upgrade-linux-image-5-15-0-79-generic-lpae ubuntu-upgrade-linux-image-5-15-0-79-lowlatency ubuntu-upgrade-linux-image-5-15-0-79-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1033-iot ubuntu-upgrade-linux-image-5-4-0-1040-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1068-ibm ubuntu-upgrade-linux-image-5-4-0-1081-bluefield ubuntu-upgrade-linux-image-5-4-0-1088-gkeop ubuntu-upgrade-linux-image-5-4-0-1105-raspi ubuntu-upgrade-linux-image-5-4-0-1109-kvm ubuntu-upgrade-linux-image-5-4-0-1120-oracle ubuntu-upgrade-linux-image-5-4-0-1121-aws ubuntu-upgrade-linux-image-5-4-0-1125-gcp ubuntu-upgrade-linux-image-5-4-0-1126-azure ubuntu-upgrade-linux-image-5-4-0-174-generic ubuntu-upgrade-linux-image-5-4-0-174-generic-lpae ubuntu-upgrade-linux-image-5-4-0-174-lowlatency 
ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual 
ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-23004 CVE - 2023-23004 USN-6300-1 USN-6311-1 USN-6332-1 USN-6347-1 USN-6702-1 USN-6702-2 USN-6716-1
  7. Ubuntu: (CVE-2023-23002): linux-oem-5.14 vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/01/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Solution(s) ubuntu-upgrade-linux-oem-5-14 References https://attackerkb.com/topics/cve-2023-23002 CVE - 2023-23002 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3 https://git.kernel.org/linus/6845667146a28c09b5dfc401c1ad112374087944 https://github.com/torvalds/linux/commit/6845667146a28c09b5dfc401c1ad112374087944 https://www.cve.org/CVERecord?id=CVE-2023-23002
  8. Ubuntu: USN-6659-1 (CVE-2023-24756): libde265 vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 03/01/2023 Created 02/28/2024 Added 02/27/2024 Modified 01/28/2025 Description libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. Solution(s) ubuntu-pro-upgrade-libde265-0 References https://attackerkb.com/topics/cve-2023-24756 CVE - 2023-24756 USN-6659-1
  9. Ubuntu: (CVE-2023-23006): linux vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/01/2023 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025 Description In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Solution(s) ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-4 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-5-4 ubuntu-upgrade-linux-azure-fde ubuntu-upgrade-linux-azure-fips ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-5-4 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gke ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe-5-4 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-ibm-5-4 ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-oem-5-14 ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-4 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-raspi-5-4 References https://attackerkb.com/topics/cve-2023-23006 CVE - 2023-23006 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.13 https://git.kernel.org/linus/6b8b42585886c59a008015083282aae434349094 https://github.com/torvalds/linux/commit/6b8b42585886c59a008015083282aae434349094 https://www.cve.org/CVERecord?id=CVE-2023-23006
  10. Amazon Linux AMI 2: CVE-2022-36021: Security patch for redis (ALASREDIS6-2023-001) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/01/2023 Created 09/28/2023 Added 09/28/2023 Modified 01/28/2025 Description Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9. Solution(s) amazon-linux-ami-2-upgrade-redis amazon-linux-ami-2-upgrade-redis-debuginfo amazon-linux-ami-2-upgrade-redis-devel amazon-linux-ami-2-upgrade-redis-doc References https://attackerkb.com/topics/cve-2022-36021 AL2/ALASREDIS6-2023-001 CVE - 2022-36021
  11. Amazon Linux AMI 2: CVE-2023-0567: Security patch for php (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:C/A:N) Published 03/01/2023 Created 09/14/2023 Added 09/14/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the password_verify() function may accept some invalid Blowfish hashes as valid. If such an invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. Solution(s) amazon-linux-ami-2-upgrade-php amazon-linux-ami-2-upgrade-php-bcmath amazon-linux-ami-2-upgrade-php-cli amazon-linux-ami-2-upgrade-php-common amazon-linux-ami-2-upgrade-php-dba amazon-linux-ami-2-upgrade-php-dbg amazon-linux-ami-2-upgrade-php-debuginfo amazon-linux-ami-2-upgrade-php-devel amazon-linux-ami-2-upgrade-php-embedded amazon-linux-ami-2-upgrade-php-enchant amazon-linux-ami-2-upgrade-php-fpm amazon-linux-ami-2-upgrade-php-gd amazon-linux-ami-2-upgrade-php-gmp amazon-linux-ami-2-upgrade-php-intl amazon-linux-ami-2-upgrade-php-ldap amazon-linux-ami-2-upgrade-php-mbstring amazon-linux-ami-2-upgrade-php-mysqlnd amazon-linux-ami-2-upgrade-php-odbc amazon-linux-ami-2-upgrade-php-opcache amazon-linux-ami-2-upgrade-php-pdo amazon-linux-ami-2-upgrade-php-pgsql amazon-linux-ami-2-upgrade-php-process amazon-linux-ami-2-upgrade-php-pspell amazon-linux-ami-2-upgrade-php-snmp amazon-linux-ami-2-upgrade-php-soap amazon-linux-ami-2-upgrade-php-sodium amazon-linux-ami-2-upgrade-php-xml References https://attackerkb.com/topics/cve-2023-0567 AL2/ALASPHP8.0-2023-002 AL2/ALASPHP8.1-2023-002 AL2/ALASPHP8.2-2023-001 CVE - 2023-0567
  12. Amazon Linux AMI 2: CVE-2023-1127: Security patch for vim (ALAS-2023-1991) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/01/2023 Created 03/23/2023 Added 03/22/2023 Modified 01/28/2025 Description Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. Solution(s) amazon-linux-ami-2-upgrade-vim-common amazon-linux-ami-2-upgrade-vim-data amazon-linux-ami-2-upgrade-vim-debuginfo amazon-linux-ami-2-upgrade-vim-enhanced amazon-linux-ami-2-upgrade-vim-filesystem amazon-linux-ami-2-upgrade-vim-minimal amazon-linux-ami-2-upgrade-vim-x11 References https://attackerkb.com/topics/cve-2023-1127 AL2/ALAS-2023-1991 CVE - 2023-1127
  13. Google Chrome Vulnerability: CVE-2023-0930 Heap buffer overflow in Video Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/01/2023 Created 03/02/2023 Added 03/01/2023 Modified 01/28/2025 Description Heap buffer overflow in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-0930 CVE - 2023-0930 https://chromereleases.googleblog.com/2023/02/stable-channel-desktop-update_22.html
  14. VMware Photon OS: CVE-2022-36021 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/01/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-36021 CVE - 2022-36021
  15. Google Chrome Vulnerability: CVE-2023-0929 Use after free in Vulkan Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/01/2023 Created 03/02/2023 Added 03/01/2023 Modified 01/28/2025 Description Use after free in Vulkan in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-0929 CVE - 2023-0929 https://chromereleases.googleblog.com/2023/02/stable-channel-desktop-update_22.html
  16. CentOS Linux: CVE-2023-0567: Important: php security update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:C/A:N) Published 03/01/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the password_verify() function may accept some invalid Blowfish hashes as valid. If such an invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. Solution(s) centos-upgrade-apcu-panel centos-upgrade-libzip centos-upgrade-libzip-debuginfo centos-upgrade-libzip-debugsource centos-upgrade-libzip-devel centos-upgrade-libzip-tools centos-upgrade-libzip-tools-debuginfo centos-upgrade-php centos-upgrade-php-bcmath centos-upgrade-php-bcmath-debuginfo centos-upgrade-php-cli centos-upgrade-php-cli-debuginfo centos-upgrade-php-common centos-upgrade-php-common-debuginfo centos-upgrade-php-dba centos-upgrade-php-dba-debuginfo centos-upgrade-php-dbg centos-upgrade-php-dbg-debuginfo centos-upgrade-php-debuginfo centos-upgrade-php-debugsource centos-upgrade-php-devel centos-upgrade-php-embedded centos-upgrade-php-embedded-debuginfo centos-upgrade-php-enchant centos-upgrade-php-enchant-debuginfo centos-upgrade-php-ffi centos-upgrade-php-ffi-debuginfo centos-upgrade-php-fpm centos-upgrade-php-fpm-debuginfo centos-upgrade-php-gd centos-upgrade-php-gd-debuginfo centos-upgrade-php-gmp centos-upgrade-php-gmp-debuginfo centos-upgrade-php-intl centos-upgrade-php-intl-debuginfo centos-upgrade-php-ldap centos-upgrade-php-ldap-debuginfo centos-upgrade-php-mbstring centos-upgrade-php-mbstring-debuginfo centos-upgrade-php-mysqlnd centos-upgrade-php-mysqlnd-debuginfo centos-upgrade-php-odbc centos-upgrade-php-odbc-debuginfo centos-upgrade-php-opcache centos-upgrade-php-opcache-debuginfo centos-upgrade-php-pdo centos-upgrade-php-pdo-debuginfo centos-upgrade-php-pear centos-upgrade-php-pecl-apcu centos-upgrade-php-pecl-apcu-debuginfo 
centos-upgrade-php-pecl-apcu-debugsource centos-upgrade-php-pecl-apcu-devel centos-upgrade-php-pecl-rrd centos-upgrade-php-pecl-rrd-debuginfo centos-upgrade-php-pecl-rrd-debugsource centos-upgrade-php-pecl-xdebug3 centos-upgrade-php-pecl-xdebug3-debuginfo centos-upgrade-php-pecl-xdebug3-debugsource centos-upgrade-php-pecl-zip centos-upgrade-php-pecl-zip-debuginfo centos-upgrade-php-pecl-zip-debugsource centos-upgrade-php-pgsql centos-upgrade-php-pgsql-debuginfo centos-upgrade-php-process centos-upgrade-php-process-debuginfo centos-upgrade-php-snmp centos-upgrade-php-snmp-debuginfo centos-upgrade-php-soap centos-upgrade-php-soap-debuginfo centos-upgrade-php-xml centos-upgrade-php-xml-debuginfo References CVE-2023-0567
  17. Debian: CVE-2022-27672: linux, xen -- security update Severity 4 CVSS (AV:L/AC:M/Au:S/C:C/I:N/A:N) Published 03/01/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure. Solution(s) debian-upgrade-linux debian-upgrade-xen References https://attackerkb.com/topics/cve-2022-27672 CVE - 2022-27672
  18. VMware Photon OS: CVE-2023-27371 Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 02/28/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-27371 CVE - 2023-27371
  19. Debian: CVE-2023-1018: libtpms -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 02/28/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM. Solution(s) debian-upgrade-libtpms References https://attackerkb.com/topics/cve-2023-1018 CVE - 2023-1018
  20. Debian: CVE-2023-22996: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 02/28/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an of_find_device_by_node reference after use, e.g., with put_device. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-22996 CVE - 2023-22996
  21. Debian: CVE-2023-22998: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 02/28/2023 Created 05/05/2023 Added 05/01/2023 Modified 01/28/2025 Description In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-22998 CVE - 2023-22998 DLA-3404-1
  22. Debian: CVE-2023-20938: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/28/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-257685302. References: Upstream kernel. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-20938 CVE - 2023-20938
  23. Debian: CVE-2023-22997: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 02/28/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-22997 CVE - 2023-22997
  24. Aruba AOS-10: CVE-2023-22754: Unauthenticated Buffer Overflow Vulnerabilities in ArubaOS Processes Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 02/28/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Solution(s) aruba-aos-10-cve-2023-22754 References https://attackerkb.com/topics/cve-2023-22754 CVE - 2023-22754 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-002.json
  25. Aruba AOS-10: CVE-2023-22753: Unauthenticated Buffer Overflow Vulnerabilities in ArubaOS Processes Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 02/28/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Solution(s) aruba-aos-10-cve-2023-22753 References https://attackerkb.com/topics/cve-2023-22753 CVE - 2023-22753 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-002.json