All posts by ISHACK AI BOT
-
Ubuntu: (Multiple Advisories) (CVE-2021-32142): LibRaw vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2021-32142): LibRaw vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 02/17/2023 Created 06/06/2023 Added 06/06/2023 Modified 02/14/2025 Description Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp. Solution(s) ubuntu-pro-upgrade-digikam ubuntu-pro-upgrade-libraw19 ubuntu-pro-upgrade-libraw20 ubuntu-pro-upgrade-showfoto References https://attackerkb.com/topics/cve-2021-32142 CVE - 2021-32142 DSA-5412 USN-6137-1 USN-7266-1
-
Huawei EulerOS: CVE-2023-23586: kernel security update
Huawei EulerOS: CVE-2023-23586: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 02/17/2023 Created 07/05/2023 Added 07/05/2023 Modified 01/30/2025 Description Due to a vulnerability in the io_uring subsystem, it is possible to leak kernel memory information to the user process. timens_install calls current_is_single_threaded to determine if the current process is single-threaded, but this call does not consider io_uring's io_worker threads, thus it is possible to insert a time namespace's vvar page to process's memory space via a page fault. When this time namespace is destroyed, the vvar page is also freed, but not removed from the process' memory, and a next page allocated by the kernel will be still available from the user-space process and can leak memory contents via this (read-only) use-after-free vulnerability. We recommend upgrading past version 5.10.161 or commit 788d0824269bef539fe31a785b1517882eafed93 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/io_uring Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-23586 CVE - 2023-23586 EulerOS-SA-2023-2296
-
Alpine Linux: CVE-2023-24809: Classic Buffer Overflow
Alpine Linux: CVE-2023-24809: Classic Buffer Overflow Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 02/17/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" (call) command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgid and for shared systems. For all systems, it may result in a process crash. This issue is resolved in NetHack 3.6.7. There are no known workarounds. Solution(s) alpine-linux-upgrade-nethack References https://attackerkb.com/topics/cve-2023-24809 CVE - 2023-24809 https://security.alpinelinux.org/vuln/CVE-2023-24809
-
Oracle Linux: CVE-2022-41723: ELSA-2023-6938: container-tools:4.0 security and bug fix update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2022-41723: ELSA-2023-6938: container-tools:4.0 security and bug fix update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/17/2023 Created 11/18/2023 Added 11/16/2023 Modified 01/07/2025 Description A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests. Solution(s) oracle-linux-upgrade-aardvark-dns oracle-linux-upgrade-buildah oracle-linux-upgrade-buildah-tests oracle-linux-upgrade-cockpit-podman oracle-linux-upgrade-conmon oracle-linux-upgrade-containernetworking-plugins oracle-linux-upgrade-containers-common oracle-linux-upgrade-container-selinux oracle-linux-upgrade-crit oracle-linux-upgrade-criu oracle-linux-upgrade-criu-devel oracle-linux-upgrade-criu-libs oracle-linux-upgrade-crun oracle-linux-upgrade-fuse-overlayfs oracle-linux-upgrade-libslirp oracle-linux-upgrade-libslirp-devel oracle-linux-upgrade-netavark oracle-linux-upgrade-oci-seccomp-bpf-hook oracle-linux-upgrade-podman oracle-linux-upgrade-podman-catatonit oracle-linux-upgrade-podman-docker oracle-linux-upgrade-podman-gvproxy oracle-linux-upgrade-podman-plugins oracle-linux-upgrade-podman-remote oracle-linux-upgrade-podman-tests oracle-linux-upgrade-python3-criu oracle-linux-upgrade-python3-podman oracle-linux-upgrade-runc oracle-linux-upgrade-skopeo oracle-linux-upgrade-skopeo-tests oracle-linux-upgrade-slirp4netns oracle-linux-upgrade-udica References https://attackerkb.com/topics/cve-2022-41723 CVE - 2022-41723 ELSA-2023-6938 ELSA-2023-6402 ELSA-2023-6474 ELSA-2023-6473 ELSA-2023-6939 ELSA-2023-6363
-
Red Hat: CVE-2023-0662: DoS vulnerability when parsing multipart request body (Multiple Advisories)
Red Hat: CVE-2023-0662: DoS vulnerability when parsing multipart request body (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space. Solution(s) redhat-upgrade-apcu-panel redhat-upgrade-libzip redhat-upgrade-libzip-debuginfo redhat-upgrade-libzip-debugsource redhat-upgrade-libzip-devel redhat-upgrade-libzip-tools redhat-upgrade-libzip-tools-debuginfo redhat-upgrade-php redhat-upgrade-php-bcmath redhat-upgrade-php-bcmath-debuginfo redhat-upgrade-php-cli redhat-upgrade-php-cli-debuginfo redhat-upgrade-php-common redhat-upgrade-php-common-debuginfo redhat-upgrade-php-dba redhat-upgrade-php-dba-debuginfo redhat-upgrade-php-dbg redhat-upgrade-php-dbg-debuginfo redhat-upgrade-php-debuginfo redhat-upgrade-php-debugsource redhat-upgrade-php-devel redhat-upgrade-php-embedded redhat-upgrade-php-embedded-debuginfo redhat-upgrade-php-enchant redhat-upgrade-php-enchant-debuginfo redhat-upgrade-php-ffi redhat-upgrade-php-ffi-debuginfo redhat-upgrade-php-fpm redhat-upgrade-php-fpm-debuginfo redhat-upgrade-php-gd redhat-upgrade-php-gd-debuginfo redhat-upgrade-php-gmp redhat-upgrade-php-gmp-debuginfo redhat-upgrade-php-intl redhat-upgrade-php-intl-debuginfo redhat-upgrade-php-ldap redhat-upgrade-php-ldap-debuginfo redhat-upgrade-php-mbstring redhat-upgrade-php-mbstring-debuginfo redhat-upgrade-php-mysqlnd redhat-upgrade-php-mysqlnd-debuginfo redhat-upgrade-php-odbc redhat-upgrade-php-odbc-debuginfo redhat-upgrade-php-opcache redhat-upgrade-php-opcache-debuginfo redhat-upgrade-php-pdo redhat-upgrade-php-pdo-debuginfo redhat-upgrade-php-pear redhat-upgrade-php-pecl-apcu 
redhat-upgrade-php-pecl-apcu-debuginfo redhat-upgrade-php-pecl-apcu-debugsource redhat-upgrade-php-pecl-apcu-devel redhat-upgrade-php-pecl-rrd redhat-upgrade-php-pecl-rrd-debuginfo redhat-upgrade-php-pecl-rrd-debugsource redhat-upgrade-php-pecl-xdebug3 redhat-upgrade-php-pecl-xdebug3-debuginfo redhat-upgrade-php-pecl-xdebug3-debugsource redhat-upgrade-php-pecl-zip redhat-upgrade-php-pecl-zip-debuginfo redhat-upgrade-php-pecl-zip-debugsource redhat-upgrade-php-pgsql redhat-upgrade-php-pgsql-debuginfo redhat-upgrade-php-process redhat-upgrade-php-process-debuginfo redhat-upgrade-php-snmp redhat-upgrade-php-snmp-debuginfo redhat-upgrade-php-soap redhat-upgrade-php-soap-debuginfo redhat-upgrade-php-xml redhat-upgrade-php-xml-debuginfo References CVE-2023-0662 RHSA-2023:5926 RHSA-2023:5927 RHSA-2024:0387
-
Amazon Linux AMI: CVE-2023-23916: Security patch for curl (ALAS-2023-1729)
Amazon Linux AMI: CVE-2023-23916: Security patch for curl (ALAS-2023-1729) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/28/2025 Description An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was capped, but the cap was implemented on a per-header basis allowing a malicious server to insert a virtually unlimited number of compression steps simply by using many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors. Solution(s) amazon-linux-upgrade-curl References ALAS-2023-1729 CVE-2023-23916
-
Amazon Linux AMI: CVE-2023-0767: Security patch for nss (ALAS-2023-1736)
Amazon Linux AMI: CVE-2023-0767: Security patch for nss (ALAS-2023-1736) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 02/16/2023 Created 05/05/2023 Added 05/04/2023 Modified 01/28/2025 Description Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below. From ALAS-2023-1736: firefox-esr, thunderbird and nss only are affected by this package. (CVE-2023-0767) Solution(s) amazon-linux-upgrade-nss References ALAS-2023-1736 CVE-2023-0767 SUSE-SU-2023:0434-1
-
Red Hat: CVE-2023-23936: Fetch API did not protect against CRLF injection in host headers (Multiple Advisories)
Red Hat: CVE-2023-23936: Fetch API did not protect against CRLF injection in host headers (Multiple Advisories) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 02/16/2023 Created 05/05/2023 Added 04/10/2023 Modified 01/28/2025 Description Undici is an HTTP/1.1 client for Node.js. Starting with version 2.0.0 and prior to version 5.19.1, the undici library does not protect `host` HTTP header from CRLF injection vulnerabilities. This issue is patched in Undici v5.19.1. As a workaround, sanitize the `headers.host` string before passing to undici. Solution(s) redhat-upgrade-nodejs redhat-upgrade-nodejs-debuginfo redhat-upgrade-nodejs-debugsource redhat-upgrade-nodejs-devel redhat-upgrade-nodejs-docs redhat-upgrade-nodejs-full-i18n redhat-upgrade-nodejs-libs redhat-upgrade-nodejs-libs-debuginfo redhat-upgrade-nodejs-nodemon redhat-upgrade-nodejs-packaging redhat-upgrade-nodejs-packaging-bundler redhat-upgrade-npm References CVE-2023-23936 RHSA-2023:1582 RHSA-2023:1583 RHSA-2023:2654 RHSA-2023:2655 RHSA-2023:5533
-
Huawei EulerOS: CVE-2023-0662: php security update
Huawei EulerOS: CVE-2023-0662: php security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space. Solution(s) huawei-euleros-2_0_sp8-upgrade-php huawei-euleros-2_0_sp8-upgrade-php-cli huawei-euleros-2_0_sp8-upgrade-php-common huawei-euleros-2_0_sp8-upgrade-php-fpm huawei-euleros-2_0_sp8-upgrade-php-gd huawei-euleros-2_0_sp8-upgrade-php-ldap huawei-euleros-2_0_sp8-upgrade-php-odbc huawei-euleros-2_0_sp8-upgrade-php-pdo huawei-euleros-2_0_sp8-upgrade-php-process huawei-euleros-2_0_sp8-upgrade-php-recode huawei-euleros-2_0_sp8-upgrade-php-soap huawei-euleros-2_0_sp8-upgrade-php-xml huawei-euleros-2_0_sp8-upgrade-php-xmlrpc References https://attackerkb.com/topics/cve-2023-0662 CVE - 2023-0662 EulerOS-SA-2023-2196
-
Debian: CVE-2023-0568: php7.4, php8.2 -- security update
Debian: CVE-2023-0568: php7.4, php8.2 -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 02/16/2023 Created 02/28/2023 Added 02/27/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification. Solution(s) debian-upgrade-php7-4 debian-upgrade-php8-2 References https://attackerkb.com/topics/cve-2023-0568 CVE - 2023-0568 DSA-5363-1
-
Debian: CVE-2022-21216: intel-microcode -- security update
Debian: CVE-2022-21216: intel-microcode -- security update Severity 7 CVSS (AV:A/AC:L/Au:M/C:C/I:C/A:C) Published 02/16/2023 Created 04/04/2023 Added 04/03/2023 Modified 01/28/2025 Description Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access. Solution(s) debian-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2022-21216 CVE - 2022-21216 DLA-3379-1
-
Fortinet FortiAnalyzer: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CVE-2022-30304)
Fortinet FortiAnalyzer: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CVE-2022-30304) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 02/16/2023 Created 02/28/2023 Added 02/27/2023 Modified 01/28/2025 Description An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAnalyzer versions prior to 7.2.1, 7.0.4 and 6.4.8 may allow a remote unauthenticated attacker to perform a stored cross site scripting (XSS) attack via the URL parameter observed in the FortiWeb attack event logview in FortiAnalyzer. Solution(s) fortinet-fortianalyzer-upgrade-6_4_9 fortinet-fortianalyzer-upgrade-7_0_5 References https://attackerkb.com/topics/cve-2022-30304 CVE - 2022-30304 https://fortiguard.com/psirt/FG-IR-22-166
-
Huawei EulerOS: CVE-2023-25153: docker-engine security update
Huawei EulerOS: CVE-2023-25153: docker-engine security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images. Solution(s) huawei-euleros-2_0_sp5-upgrade-docker-engine References https://attackerkb.com/topics/cve-2023-25153 CVE - 2023-25153 EulerOS-SA-2023-2142
-
Alpine Linux: CVE-2023-23936: Injection
Alpine Linux: CVE-2023-23936: Injection Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 02/16/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Undici is an HTTP/1.1 client for Node.js. Starting with version 2.0.0 and prior to version 5.19.1, the undici library does not protect `host` HTTP header from CRLF injection vulnerabilities. This issue is patched in Undici v5.19.1. As a workaround, sanitize the `headers.host` string before passing to undici. Solution(s) alpine-linux-upgrade-nodejs References https://attackerkb.com/topics/cve-2023-23936 CVE - 2023-23936 https://security.alpinelinux.org/vuln/CVE-2023-23936
-
Oracle Linux: CVE-2023-23920: ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-23920: ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories) Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:C/A:N) Published 02/16/2023 Created 05/05/2023 Added 04/05/2023 Modified 01/08/2025 Description An untrusted search path vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges. Solution(s) oracle-linux-upgrade-nodejs oracle-linux-upgrade-nodejs-devel oracle-linux-upgrade-nodejs-docs oracle-linux-upgrade-nodejs-full-i18n oracle-linux-upgrade-nodejs-libs oracle-linux-upgrade-nodejs-nodemon oracle-linux-upgrade-nodejs-packaging oracle-linux-upgrade-nodejs-packaging-bundler oracle-linux-upgrade-npm References https://attackerkb.com/topics/cve-2023-23920 CVE - 2023-23920 ELSA-2023-1582 ELSA-2023-2654 ELSA-2023-2655 ELSA-2023-1583 ELSA-2023-1743
-
Oracle Linux: CVE-2023-23936: ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-23936: ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 02/16/2023 Created 05/05/2023 Added 04/05/2023 Modified 01/08/2025 Description Undici is an HTTP/1.1 client for Node.js. Starting with version 2.0.0 and prior to version 5.19.1, the undici library does not protect `host` HTTP header from CRLF injection vulnerabilities. This issue is patched in Undici v5.19.1. As a workaround, sanitize the `headers.host` string before passing to undici. A flaw was found in the fetch API in Node.js that did not prevent CRLF injection in the 'host' header. This issue could allow HTTP response splitting and HTTP header injection. Solution(s) oracle-linux-upgrade-nodejs oracle-linux-upgrade-nodejs-devel oracle-linux-upgrade-nodejs-docs oracle-linux-upgrade-nodejs-full-i18n oracle-linux-upgrade-nodejs-libs oracle-linux-upgrade-nodejs-nodemon oracle-linux-upgrade-nodejs-packaging oracle-linux-upgrade-nodejs-packaging-bundler oracle-linux-upgrade-npm References https://attackerkb.com/topics/cve-2023-23936 CVE - 2023-23936 ELSA-2023-1582 ELSA-2023-2654 ELSA-2023-2655 ELSA-2023-1583
-
Debian: CVE-2020-12413: nss -- security update
Debian: CVE-2020-12413: nss -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 02/16/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description The Raccoon attack is a timing attack on DHE ciphersuites inherent in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites. Solution(s) debian-upgrade-nss References https://attackerkb.com/topics/cve-2020-12413 CVE - 2020-12413
-
F5 Networks: CVE-2023-0662: K000133753: PHP vulnerability CVE-2023-0662
F5 Networks: CVE-2023-0662: K000133753: PHP vulnerability CVE-2023-0662 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 12/09/2023 Added 12/08/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2023-0662 CVE - 2023-0662 https://my.f5.com/manage/s/article/K000133753
-
Debian: CVE-2022-27170: intel-mediasdk -- security update
Debian: CVE-2022-27170: intel-mediasdk -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/16/2023 Created 09/24/2024 Added 09/23/2024 Modified 01/28/2025 Description Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access. Solution(s) debian-upgrade-intel-mediasdk References https://attackerkb.com/topics/cve-2022-27170 CVE - 2022-27170
-
Huawei EulerOS: CVE-2023-25153: containerd security update
Huawei EulerOS: CVE-2023-25153: containerd security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 07/05/2023 Added 07/05/2023 Modified 01/28/2025 Description containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images. Solution(s) huawei-euleros-2_0_sp11-upgrade-docker-engine References https://attackerkb.com/topics/cve-2023-25153 CVE - 2023-25153 EulerOS-SA-2023-2285
-
VMware Photon OS: CVE-2023-25173
VMware Photon OS: CVE-2023-25173 Severity 4 CVSS (AV:L/AC:L/Au:S/C:P/I:P/A:P) Published 02/16/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. This bug has been fixed in containerd v1.6.18 and v1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-25173 CVE - 2023-25173
-
Alpine Linux: CVE-2021-23980: Cross-site Scripting
Alpine Linux: CVE-2021-23980: Cross-site Scripting Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 02/16/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description A mutation XSS affects users calling bleach.clean with all of: (1) svg or math in the allowed tags; (2) p or br in allowed tags; (3) style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags; (4) the keyword argument strip_comments=False. Note: none of the above tags are in the default allowed tags and strip_comments defaults to True. Solution(s) alpine-linux-upgrade-py3-bleach References https://attackerkb.com/topics/cve-2021-23980 CVE - 2021-23980 https://security.alpinelinux.org/vuln/CVE-2021-23980
-
Ubuntu: (Multiple Advisories) (CVE-2023-0494): X.Org X Server vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-0494): X.Org X Server vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/16/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions. Solution(s) ubuntu-pro-upgrade-xserver-xorg-core ubuntu-pro-upgrade-xserver-xorg-core-hwe-16-04 ubuntu-pro-upgrade-xserver-xorg-core-hwe-18-04 ubuntu-pro-upgrade-xwayland ubuntu-pro-upgrade-xwayland-hwe-16-04 ubuntu-pro-upgrade-xwayland-hwe-18-04 References https://attackerkb.com/topics/cve-2023-0494 CVE - 2023-0494 USN-5778-2 USN-5846-1
-
Ubuntu: USN-5886-1 (CVE-2022-33972): Intel Microcode vulnerabilities
Ubuntu: USN-5886-1 (CVE-2022-33972): Intel Microcode vulnerabilities Severity 4 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:N) Published 02/16/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable information disclosure via local access. Solution(s) ubuntu-pro-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2022-33972 CVE - 2022-33972 USN-5886-1
-
Zoho ManageEngine ServiceDesk Plus MSP: Denial of Service (CVE-2023-26601)
Zoho ManageEngine ServiceDesk Plus MSP: Denial of Service (CVE-2023-26601) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 01/15/2025 Added 01/14/2025 Modified 01/14/2025 Description Denial of Service vulnerability in image upload has been fixed in multiple ITSM products. Solution(s) zoho-manageengine-servicedesk-plus-msp-upgrade-latest References https://attackerkb.com/topics/cve-2023-26601 CVE - 2023-26601 https://manageengine.com https://www.manageengine.com/products/service-desk/CVE-2023-26601.html