ISHACK AI BOT

Aruba AOS-10: CVE-2023-22776:Authenticated Remote Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Read Severity 6 CVSS (AV:N/AC:L/Au:M/C:C/I:N/A:N) Published 02/28/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files. Solution(s) aruba-aos-10-cve-2023-22776 References https://attackerkb.com/topics/cve-2023-22776 CVE - 2023-22776 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-002.json

Huawei EulerOS: CVE-2022-41723: golang security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/28/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. Solution(s) huawei-euleros-2_0_sp8-upgrade-golang huawei-euleros-2_0_sp8-upgrade-golang-bin huawei-euleros-2_0_sp8-upgrade-golang-src References https://attackerkb.com/topics/cve-2022-41723 CVE - 2022-41723 EulerOS-SA-2024-1269

Aruba AOS-10: CVE-2023-22777: Authenticated Information Disclosure in ArubaOS Web-based Management Interface Severity 6 CVSS (AV:N/AC:L/Au:M/C:C/I:N/A:N) Published 02/28/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description An authenticated information disclosure vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system. Solution(s) aruba-aos-10-cve-2023-22777 References https://attackerkb.com/topics/cve-2023-22777 CVE - 2023-22777 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-002.json

Aruba AOS-10: CVE-2023-22759: Authenticated Remote Command Execution in ArubaOS Web-based Management Interface Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 02/28/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description Authenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS. Solution(s) aruba-aos-10-cve-2023-22759 References https://attackerkb.com/topics/cve-2023-22759 CVE - 2023-22759 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-002.json

Ubuntu: (Multiple Advisories) (CVE-2023-1095): Linux kernel (AWS) vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 02/28/2023 Created 05/05/2023 Added 04/10/2023 Modified 01/28/2025 Description In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference. Solution(s) ubuntu-upgrade-linux-image-4-4-0-1117-aws ubuntu-upgrade-linux-image-4-4-0-1118-kvm ubuntu-upgrade-linux-image-4-4-0-1155-aws ubuntu-upgrade-linux-image-4-4-0-239-generic ubuntu-upgrade-linux-image-4-4-0-239-lowlatency ubuntu-upgrade-linux-image-5-17-0-1030-oem ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-lts-xenial References https://attackerkb.com/topics/cve-2023-1095 CVE - 2023-1095 USN-6001-1 USN-6013-1 USN-6014-1 USN-6031-1

Ubuntu: (Multiple Advisories) (CVE-2023-0461): Linux kernel (HWE) vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/28/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c Solution(s) ubuntu-upgrade-linux-image-4-15-0-1061-dell300x ubuntu-upgrade-linux-image-4-15-0-1115-oracle ubuntu-upgrade-linux-image-4-15-0-1128-raspi2 ubuntu-upgrade-linux-image-4-15-0-1136-kvm ubuntu-upgrade-linux-image-4-15-0-1146-gcp ubuntu-upgrade-linux-image-4-15-0-1146-snapdragon ubuntu-upgrade-linux-image-4-15-0-1151-aws ubuntu-upgrade-linux-image-4-15-0-1162-azure ubuntu-upgrade-linux-image-4-15-0-206-generic ubuntu-upgrade-linux-image-4-15-0-206-generic-lpae ubuntu-upgrade-linux-image-4-15-0-206-lowlatency ubuntu-upgrade-linux-image-5-14-0-1058-oem ubuntu-upgrade-linux-image-5-14-0-1059-oem ubuntu-upgrade-linux-image-5-15-0-1016-gkeop ubuntu-upgrade-linux-image-5-15-0-1025-raspi ubuntu-upgrade-linux-image-5-15-0-1025-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1026-ibm ubuntu-upgrade-linux-image-5-15-0-1026-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1028-gke ubuntu-upgrade-linux-image-5-15-0-1029-kvm ubuntu-upgrade-linux-image-5-15-0-1030-gcp ubuntu-upgrade-linux-image-5-15-0-1030-oracle ubuntu-upgrade-linux-image-5-15-0-1031-aws ubuntu-upgrade-linux-image-5-15-0-1034-azure ubuntu-upgrade-linux-image-5-15-0-1034-azure-fde ubuntu-upgrade-linux-image-5-15-0-67-generic ubuntu-upgrade-linux-image-5-15-0-67-generic-64k ubuntu-upgrade-linux-image-5-15-0-67-generic-lpae ubuntu-upgrade-linux-image-5-15-0-67-lowlatency ubuntu-upgrade-linux-image-5-15-0-67-lowlatency-64k ubuntu-upgrade-linux-image-5-17-0-1028-oem ubuntu-upgrade-linux-image-5-17-0-1029-oem ubuntu-upgrade-linux-image-5-19-0-1014-raspi ubuntu-upgrade-linux-image-5-19-0-1014-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1018-gcp ubuntu-upgrade-linux-image-5-19-0-1018-ibm ubuntu-upgrade-linux-image-5-19-0-1018-lowlatency ubuntu-upgrade-linux-image-5-19-0-1018-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1018-oracle ubuntu-upgrade-linux-image-5-19-0-1019-kvm ubuntu-upgrade-linux-image-5-19-0-1020-aws ubuntu-upgrade-linux-image-5-19-0-1021-azure ubuntu-upgrade-linux-image-5-19-0-35-generic ubuntu-upgrade-linux-image-5-19-0-35-generic-64k ubuntu-upgrade-linux-image-5-19-0-35-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1045-ibm ubuntu-upgrade-linux-image-5-4-0-1059-bluefield ubuntu-upgrade-linux-image-5-4-0-1065-gkeop ubuntu-upgrade-linux-image-5-4-0-1081-raspi ubuntu-upgrade-linux-image-5-4-0-1087-kvm ubuntu-upgrade-linux-image-5-4-0-1094-oracle ubuntu-upgrade-linux-image-5-4-0-1095-gke ubuntu-upgrade-linux-image-5-4-0-1097-aws ubuntu-upgrade-linux-image-5-4-0-1101-gcp ubuntu-upgrade-linux-image-5-4-0-1104-azure ubuntu-upgrade-linux-image-5-4-0-144-generic ubuntu-upgrade-linux-image-5-4-0-144-generic-lpae ubuntu-upgrade-linux-image-5-4-0-144-lowlatency ubuntu-upgrade-linux-image-6-0-0-1012-oem ubuntu-upgrade-linux-image-6-1-0-1007-oem ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-dell300x ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 References https://attackerkb.com/topics/cve-2023-0461 CVE - 2023-0461 USN-5883-1 USN-5911-1 USN-5912-1 USN-5913-1 USN-5914-1 USN-5915-1 USN-5917-1 USN-5919-1 USN-5920-1 USN-5924-1 USN-5925-1 USN-5927-1 USN-5929-1 USN-5934-1 USN-5935-1 USN-5938-1 USN-5939-1 USN-5940-1 USN-5941-1 USN-5950-1 USN-5951-1 USN-5962-1 USN-5975-1 USN-5976-1 USN-6000-1 USN-6007-1 View more

Ubuntu: USN-5933-1 (CVE-2023-1018): Libtpms vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 02/28/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/30/2025 Description An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM. Solution(s) ubuntu-upgrade-libtpms0 References https://attackerkb.com/topics/cve-2023-1018 CVE - 2023-1018 USN-5933-1

Ubuntu: (CVE-2023-22999): linux-oem-5.14 vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 02/28/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Solution(s) ubuntu-upgrade-linux-oem-5-14 References https://attackerkb.com/topics/cve-2023-22999 CVE - 2023-22999 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3 https://git.kernel.org/linus/b52fe2dbb3e655eb1483000adfab68a219549e13 https://github.com/torvalds/linux/commit/b52fe2dbb3e655eb1483000adfab68a219549e13 https://www.cve.org/CVERecord?id=CVE-2023-22999

Ubuntu: USN-6024-1 (CVE-2023-22997): Linux kernel vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 02/28/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/28/2025 Description In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Solution(s) ubuntu-upgrade-linux-image-5-19-0-1016-raspi ubuntu-upgrade-linux-image-5-19-0-1016-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1020-gcp ubuntu-upgrade-linux-image-5-19-0-1020-oracle ubuntu-upgrade-linux-image-5-19-0-1021-kvm ubuntu-upgrade-linux-image-5-19-0-1022-lowlatency ubuntu-upgrade-linux-image-5-19-0-1022-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1023-aws ubuntu-upgrade-linux-image-5-19-0-1023-azure ubuntu-upgrade-linux-image-5-19-0-40-generic ubuntu-upgrade-linux-image-5-19-0-40-generic-64k ubuntu-upgrade-linux-image-5-19-0-40-generic-lpae ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-22-04 References https://attackerkb.com/topics/cve-2023-22997 CVE - 2023-22997 USN-6024-1

Ubuntu: (Multiple Advisories) (CVE-2023-20938): Linux kernel vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/28/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257685302References: Upstream kernel Solution(s) ubuntu-upgrade-linux-image-5-15-0-1020-gkeop ubuntu-upgrade-linux-image-5-15-0-1029-raspi ubuntu-upgrade-linux-image-5-15-0-1029-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1030-ibm ubuntu-upgrade-linux-image-5-15-0-1030-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1033-gke ubuntu-upgrade-linux-image-5-15-0-1033-kvm ubuntu-upgrade-linux-image-5-15-0-1034-gcp ubuntu-upgrade-linux-image-5-15-0-1035-oracle ubuntu-upgrade-linux-image-5-15-0-1036-aws ubuntu-upgrade-linux-image-5-15-0-1038-azure ubuntu-upgrade-linux-image-5-15-0-1038-azure-fde ubuntu-upgrade-linux-image-5-15-0-72-generic ubuntu-upgrade-linux-image-5-15-0-72-generic-64k ubuntu-upgrade-linux-image-5-15-0-72-generic-lpae ubuntu-upgrade-linux-image-5-15-0-72-lowlatency ubuntu-upgrade-linux-image-5-15-0-72-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1045-ibm ubuntu-upgrade-linux-image-5-4-0-1059-bluefield ubuntu-upgrade-linux-image-5-4-0-1065-gkeop ubuntu-upgrade-linux-image-5-4-0-1081-raspi ubuntu-upgrade-linux-image-5-4-0-1087-kvm ubuntu-upgrade-linux-image-5-4-0-1094-oracle ubuntu-upgrade-linux-image-5-4-0-1095-gke ubuntu-upgrade-linux-image-5-4-0-1097-aws ubuntu-upgrade-linux-image-5-4-0-1101-gcp ubuntu-upgrade-linux-image-5-4-0-1104-azure ubuntu-upgrade-linux-image-5-4-0-144-generic ubuntu-upgrade-linux-image-5-4-0-144-generic-lpae ubuntu-upgrade-linux-image-5-4-0-144-lowlatency ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 References https://attackerkb.com/topics/cve-2023-20938 CVE - 2023-20938 USN-5917-1 USN-5934-1 USN-5939-1 USN-5940-1 USN-5951-1 USN-6000-1 USN-6080-1 USN-6085-1 USN-6090-1 USN-6133-1 USN-6134-1 View more

Debian: CVE-2022-41722: golang-1.19 -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 02/28/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean function could transform an invalid path such as "a/../c:/b" into the valid path "c:\b". This transformation of a relative (if invalid) path into an absolute path could enable a directory traversal attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid) path ".\c:\b". Solution(s) debian-upgrade-golang-1-19 References https://attackerkb.com/topics/cve-2022-41722 CVE - 2022-41722

Huawei EulerOS: CVE-2022-41723: golang security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/28/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/28/2025 Description A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. Solution(s) huawei-euleros-2_0_sp9-upgrade-golang huawei-euleros-2_0_sp9-upgrade-golang-devel huawei-euleros-2_0_sp9-upgrade-golang-help References https://attackerkb.com/topics/cve-2022-41723 CVE - 2022-41723 EulerOS-SA-2023-1869

Ubuntu: (CVE-2023-22996): linux-oem-5.17 vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 02/28/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an of_find_device_by_node reference after use, e.g., with put_device. Solution(s) ubuntu-upgrade-linux-oem-5-17 References https://attackerkb.com/topics/cve-2023-22996 CVE - 2023-22996 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2 https://git.kernel.org/linus/4b41a9d0fe3db5f91078a380f62f0572c3ecf2dd https://github.com/torvalds/linux/commit/4b41a9d0fe3db5f91078a380f62f0572c3ecf2dd https://www.cve.org/CVERecord?id=CVE-2023-22996

Huawei EulerOS: CVE-2023-0461: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/28/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/28/2025 Description There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-0461 CVE - 2023-0461 EulerOS-SA-2023-1873

Huawei EulerOS: CVE-2022-41723: golang security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/28/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. Solution(s) huawei-euleros-2_0_sp5-upgrade-golang huawei-euleros-2_0_sp5-upgrade-golang-bin huawei-euleros-2_0_sp5-upgrade-golang-src References https://attackerkb.com/topics/cve-2022-41723 CVE - 2022-41723 EulerOS-SA-2023-2146

Huawei EulerOS: CVE-2023-1095: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 02/28/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/28/2025 Description In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-1095 CVE - 2023-1095 EulerOS-SA-2023-1873

Huawei EulerOS: CVE-2023-27371: libmicrohttpd security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 02/28/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/30/2025 Description GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function. Solution(s) huawei-euleros-2_0_sp8-upgrade-libmicrohttpd References https://attackerkb.com/topics/cve-2023-27371 CVE - 2023-27371 EulerOS-SA-2023-3133

Amazon Linux AMI 2: CVE-2022-41725: Security patch for containerd, golang (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/28/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/30/2025 Description A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented as storing "up to maxMemory bytes +10MB (reserved for non-file parts) in memory". File parts which cannot be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file parts is excessively large and can potentially open a denial of service vector on its own. However, ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead, part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory bytes of memory consumption. Users should still be aware that this limit is high and may still be hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form parts into a single temporary file. The mime/multipart.File interface type's documentation states, "If stored on disk, the File's underlying concrete type will be an *os.File.". This is no longer the case when a form contains more than one file part, due to this coalescing of parts into a single file. The previous behavior of using distinct files for each form part may be reenabled with the environment variable GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the size of form data with http.MaxBytesReader. Solution(s) amazon-linux-ami-2-upgrade-containerd amazon-linux-ami-2-upgrade-containerd-debuginfo amazon-linux-ami-2-upgrade-containerd-stress amazon-linux-ami-2-upgrade-golang amazon-linux-ami-2-upgrade-golang-bin amazon-linux-ami-2-upgrade-golang-docs amazon-linux-ami-2-upgrade-golang-misc amazon-linux-ami-2-upgrade-golang-race amazon-linux-ami-2-upgrade-golang-shared amazon-linux-ami-2-upgrade-golang-src amazon-linux-ami-2-upgrade-golang-tests References https://attackerkb.com/topics/cve-2022-41725 AL2/ALAS-2023-2015 AL2/ALAS-2023-2163 AL2/ALASDOCKER-2023-029 AL2/ALASGOLANG1.19-2023-002 AL2/ALASNITRO-ENCLAVES-2023-026 CVE - 2022-41725

Red Hat: CVE-2023-0179: Netfilter integer overflow vulnerability in nft_payload_copy_vlan (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/28/2023 Created 03/02/2023 Added 03/01/2023 Modified 01/28/2025 Description A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-0179 RHSA-2023:0951 RHSA-2023:0979 RHSA-2023:1008 RHSA-2023:1202 RHSA-2023:1203 RHSA-2023:1435 View more

Huawei EulerOS: CVE-2022-41725: golang security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/28/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/30/2025 Description A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented as storing "up to maxMemory bytes +10MB (reserved for non-file parts) in memory". File parts which cannot be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file parts is excessively large and can potentially open a denial of service vector on its own. However, ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead, part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory bytes of memory consumption. Users should still be aware that this limit is high and may still be hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form parts into a single temporary file. The mime/multipart.File interface type's documentation states, "If stored on disk, the File's underlying concrete type will be an *os.File.". This is no longer the case when a form contains more than one file part, due to this coalescing of parts into a single file. The previous behavior of using distinct files for each form part may be reenabled with the environment variable GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the size of form data with http.MaxBytesReader. Solution(s) huawei-euleros-2_0_sp9-upgrade-golang huawei-euleros-2_0_sp9-upgrade-golang-devel huawei-euleros-2_0_sp9-upgrade-golang-help References https://attackerkb.com/topics/cve-2022-41725 CVE - 2022-41725 EulerOS-SA-2023-1869

Gentoo Linux: CVE-2023-27320: sudo: Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 02/28/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/28/2025 Description Sudo before 1.9.13p2 has a double free in the per-command chroot feature. Solution(s) gentoo-linux-upgrade-app-admin-sudo References https://attackerkb.com/topics/cve-2023-27320 CVE - 2023-27320 202309-12

Huawei EulerOS: CVE-2022-41723: docker-engine security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/28/2023 Created 05/10/2023 Added 05/09/2023 Modified 01/28/2025 Description A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. Solution(s) huawei-euleros-2_0_sp10-upgrade-docker-engine huawei-euleros-2_0_sp10-upgrade-docker-engine-selinux References https://attackerkb.com/topics/cve-2022-41723 CVE - 2022-41723 EulerOS-SA-2024-1585

Huawei EulerOS: CVE-2023-1095: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 02/28/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference. Solution(s) huawei-euleros-2_0_sp5-upgrade-kernel huawei-euleros-2_0_sp5-upgrade-kernel-devel huawei-euleros-2_0_sp5-upgrade-kernel-headers huawei-euleros-2_0_sp5-upgrade-kernel-tools huawei-euleros-2_0_sp5-upgrade-kernel-tools-libs huawei-euleros-2_0_sp5-upgrade-perf huawei-euleros-2_0_sp5-upgrade-python-perf References https://attackerkb.com/topics/cve-2023-1095 CVE - 2023-1095 EulerOS-SA-2023-2152

Huawei EulerOS: CVE-2022-41723: docker-engine security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/28/2023 Created 06/01/2024 Added 05/31/2024 Modified 01/28/2025 Description A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. Solution(s) huawei-euleros-2_0_sp12-upgrade-docker-engine huawei-euleros-2_0_sp12-upgrade-docker-engine-selinux References https://attackerkb.com/topics/cve-2022-41723 CVE - 2022-41723 EulerOS-SA-2024-1761

CentOS Linux: CVE-2023-1017: Moderate: libtpms security update (CESA-2023:2453) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/28/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context. Solution(s) centos-upgrade-libtpms centos-upgrade-libtpms-debuginfo centos-upgrade-libtpms-debugsource References CVE-2023-1017