All posts by ISHACK AI BOT
-
Ubuntu: (Multiple Advisories) (CVE-2023-0568): PHP vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-0568): PHP vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 02/16/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving paths with lengths close to the system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with a NUL value, which might lead to unauthorized data access or modification. Solution(s) ubuntu-pro-upgrade-libapache2-mod-php7-0 ubuntu-pro-upgrade-libapache2-mod-php7-2 ubuntu-pro-upgrade-libapache2-mod-php7-4 ubuntu-pro-upgrade-libapache2-mod-php8-1 ubuntu-pro-upgrade-php7-0 ubuntu-pro-upgrade-php7-0-cgi ubuntu-pro-upgrade-php7-0-cli ubuntu-pro-upgrade-php7-0-fpm ubuntu-pro-upgrade-php7-0-sqlite3 ubuntu-pro-upgrade-php7-0-zip ubuntu-pro-upgrade-php7-2 ubuntu-pro-upgrade-php7-2-cgi ubuntu-pro-upgrade-php7-2-cli ubuntu-pro-upgrade-php7-2-fpm ubuntu-pro-upgrade-php7-4 ubuntu-pro-upgrade-php7-4-cgi ubuntu-pro-upgrade-php7-4-cli ubuntu-pro-upgrade-php7-4-fpm ubuntu-pro-upgrade-php8-1 ubuntu-pro-upgrade-php8-1-cgi ubuntu-pro-upgrade-php8-1-cli ubuntu-pro-upgrade-php8-1-fpm References https://attackerkb.com/topics/cve-2023-0568 CVE - 2023-0568 USN-5902-1 USN-5905-1
-
Oracle Linux: CVE-2023-23918: ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-23918: ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 02/16/2023 Created 05/05/2023 Added 04/05/2023 Modified 01/08/2025 Description A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non-authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy. Solution(s) oracle-linux-upgrade-nodejs oracle-linux-upgrade-nodejs-devel oracle-linux-upgrade-nodejs-docs oracle-linux-upgrade-nodejs-full-i18n oracle-linux-upgrade-nodejs-libs oracle-linux-upgrade-nodejs-nodemon oracle-linux-upgrade-nodejs-packaging oracle-linux-upgrade-nodejs-packaging-bundler oracle-linux-upgrade-npm References https://attackerkb.com/topics/cve-2023-23918 CVE - 2023-23918 ELSA-2023-1582 ELSA-2023-2654 ELSA-2023-2655 ELSA-2023-1583 ELSA-2023-1743
-
F5 Networks: CVE-2022-26343: K000133630: Intel processor vulnerability CVE-2022-26343
F5 Networks: CVE-2022-26343: K000133630: Intel processor vulnerability CVE-2022-26343 Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 02/16/2023 Created 01/10/2024 Added 01/09/2024 Modified 01/28/2025 Description Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2022-26343 CVE - 2022-26343 https://my.f5.com/manage/s/article/K000133630
-
SUSE: CVE-2023-0662: SUSE Linux Security Advisory
SUSE: CVE-2023-0662: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 02/23/2023 Added 02/23/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space. Solution(s) suse-upgrade-apache2-mod_php7 suse-upgrade-apache2-mod_php74 suse-upgrade-apache2-mod_php8 suse-upgrade-php7 suse-upgrade-php7-bcmath suse-upgrade-php7-bz2 suse-upgrade-php7-calendar suse-upgrade-php7-cli suse-upgrade-php7-ctype suse-upgrade-php7-curl suse-upgrade-php7-dba suse-upgrade-php7-devel suse-upgrade-php7-dom suse-upgrade-php7-embed suse-upgrade-php7-enchant suse-upgrade-php7-exif suse-upgrade-php7-fastcgi suse-upgrade-php7-fileinfo suse-upgrade-php7-firebird suse-upgrade-php7-fpm suse-upgrade-php7-ftp suse-upgrade-php7-gd suse-upgrade-php7-gettext suse-upgrade-php7-gmp suse-upgrade-php7-iconv suse-upgrade-php7-intl suse-upgrade-php7-json suse-upgrade-php7-ldap suse-upgrade-php7-mbstring suse-upgrade-php7-mysql suse-upgrade-php7-odbc suse-upgrade-php7-opcache suse-upgrade-php7-openssl suse-upgrade-php7-pcntl suse-upgrade-php7-pdo suse-upgrade-php7-pear suse-upgrade-php7-pear-archive_tar suse-upgrade-php7-pgsql suse-upgrade-php7-phar suse-upgrade-php7-posix suse-upgrade-php7-readline suse-upgrade-php7-shmop suse-upgrade-php7-snmp suse-upgrade-php7-soap suse-upgrade-php7-sockets suse-upgrade-php7-sodium suse-upgrade-php7-sqlite suse-upgrade-php7-sysvmsg suse-upgrade-php7-sysvsem suse-upgrade-php7-sysvshm suse-upgrade-php7-test suse-upgrade-php7-tidy suse-upgrade-php7-tokenizer suse-upgrade-php7-wddx suse-upgrade-php7-xmlreader suse-upgrade-php7-xmlrpc suse-upgrade-php7-xmlwriter suse-upgrade-php7-xsl suse-upgrade-php7-zip suse-upgrade-php7-zlib suse-upgrade-php74 
suse-upgrade-php74-bcmath suse-upgrade-php74-bz2 suse-upgrade-php74-calendar suse-upgrade-php74-ctype suse-upgrade-php74-curl suse-upgrade-php74-dba suse-upgrade-php74-devel suse-upgrade-php74-dom suse-upgrade-php74-enchant suse-upgrade-php74-exif suse-upgrade-php74-fastcgi suse-upgrade-php74-fileinfo suse-upgrade-php74-fpm suse-upgrade-php74-ftp suse-upgrade-php74-gd suse-upgrade-php74-gettext suse-upgrade-php74-gmp suse-upgrade-php74-iconv suse-upgrade-php74-intl suse-upgrade-php74-json suse-upgrade-php74-ldap suse-upgrade-php74-mbstring suse-upgrade-php74-mysql suse-upgrade-php74-odbc suse-upgrade-php74-opcache suse-upgrade-php74-openssl suse-upgrade-php74-pcntl suse-upgrade-php74-pdo suse-upgrade-php74-pgsql suse-upgrade-php74-phar suse-upgrade-php74-posix suse-upgrade-php74-readline suse-upgrade-php74-shmop suse-upgrade-php74-snmp suse-upgrade-php74-soap suse-upgrade-php74-sockets suse-upgrade-php74-sodium suse-upgrade-php74-sqlite suse-upgrade-php74-sysvmsg suse-upgrade-php74-sysvsem suse-upgrade-php74-sysvshm suse-upgrade-php74-tidy suse-upgrade-php74-tokenizer suse-upgrade-php74-xmlreader suse-upgrade-php74-xmlrpc suse-upgrade-php74-xmlwriter suse-upgrade-php74-xsl suse-upgrade-php74-zip suse-upgrade-php74-zlib suse-upgrade-php8 suse-upgrade-php8-bcmath suse-upgrade-php8-bz2 suse-upgrade-php8-calendar suse-upgrade-php8-cli suse-upgrade-php8-ctype suse-upgrade-php8-curl suse-upgrade-php8-dba suse-upgrade-php8-devel suse-upgrade-php8-dom suse-upgrade-php8-embed suse-upgrade-php8-enchant suse-upgrade-php8-exif suse-upgrade-php8-fastcgi suse-upgrade-php8-fileinfo suse-upgrade-php8-fpm suse-upgrade-php8-ftp suse-upgrade-php8-gd suse-upgrade-php8-gettext suse-upgrade-php8-gmp suse-upgrade-php8-iconv suse-upgrade-php8-intl suse-upgrade-php8-ldap suse-upgrade-php8-mbstring suse-upgrade-php8-mysql suse-upgrade-php8-odbc suse-upgrade-php8-opcache suse-upgrade-php8-openssl suse-upgrade-php8-pcntl suse-upgrade-php8-pdo suse-upgrade-php8-pgsql suse-upgrade-php8-phar 
suse-upgrade-php8-posix suse-upgrade-php8-readline suse-upgrade-php8-shmop suse-upgrade-php8-snmp suse-upgrade-php8-soap suse-upgrade-php8-sockets suse-upgrade-php8-sodium suse-upgrade-php8-sqlite suse-upgrade-php8-sysvmsg suse-upgrade-php8-sysvsem suse-upgrade-php8-sysvshm suse-upgrade-php8-test suse-upgrade-php8-tidy suse-upgrade-php8-tokenizer suse-upgrade-php8-xmlreader suse-upgrade-php8-xmlwriter suse-upgrade-php8-xsl suse-upgrade-php8-zip suse-upgrade-php8-zlib References https://attackerkb.com/topics/cve-2023-0662 CVE - 2023-0662
-
Red Hat: CVE-2022-36369: local privilege escalation (Multiple Advisories)
Red Hat: CVE-2022-36369: local privilege escalation (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/16/2023 Created 05/05/2023 Added 04/26/2023 Modified 01/28/2025 Description Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. Solution(s) redhat-upgrade-qatzip redhat-upgrade-qatzip-debuginfo redhat-upgrade-qatzip-debugsource redhat-upgrade-qatzip-devel redhat-upgrade-qatzip-libs redhat-upgrade-qatzip-libs-debuginfo References CVE-2022-36369 RHSA-2023:1976 RHSA-2023:3397
-
SUSE: CVE-2023-0568: SUSE Linux Security Advisory
SUSE: CVE-2023-0568: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 02/16/2023 Created 02/23/2023 Added 02/23/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving paths with lengths close to the system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with a NUL value, which might lead to unauthorized data access or modification. Solution(s) suse-upgrade-apache2-mod_php7 suse-upgrade-apache2-mod_php74 suse-upgrade-apache2-mod_php8 suse-upgrade-php7 suse-upgrade-php7-bcmath suse-upgrade-php7-bz2 suse-upgrade-php7-calendar suse-upgrade-php7-cli suse-upgrade-php7-ctype suse-upgrade-php7-curl suse-upgrade-php7-dba suse-upgrade-php7-devel suse-upgrade-php7-dom suse-upgrade-php7-embed suse-upgrade-php7-enchant suse-upgrade-php7-exif suse-upgrade-php7-fastcgi suse-upgrade-php7-fileinfo suse-upgrade-php7-firebird suse-upgrade-php7-fpm suse-upgrade-php7-ftp suse-upgrade-php7-gd suse-upgrade-php7-gettext suse-upgrade-php7-gmp suse-upgrade-php7-iconv suse-upgrade-php7-intl suse-upgrade-php7-json suse-upgrade-php7-ldap suse-upgrade-php7-mbstring suse-upgrade-php7-mysql suse-upgrade-php7-odbc suse-upgrade-php7-opcache suse-upgrade-php7-openssl suse-upgrade-php7-pcntl suse-upgrade-php7-pdo suse-upgrade-php7-pear suse-upgrade-php7-pear-archive_tar suse-upgrade-php7-pgsql suse-upgrade-php7-phar suse-upgrade-php7-posix suse-upgrade-php7-readline suse-upgrade-php7-shmop suse-upgrade-php7-snmp suse-upgrade-php7-soap suse-upgrade-php7-sockets suse-upgrade-php7-sodium suse-upgrade-php7-sqlite suse-upgrade-php7-sysvmsg suse-upgrade-php7-sysvsem suse-upgrade-php7-sysvshm suse-upgrade-php7-test suse-upgrade-php7-tidy suse-upgrade-php7-tokenizer suse-upgrade-php7-wddx suse-upgrade-php7-xmlreader suse-upgrade-php7-xmlrpc suse-upgrade-php7-xmlwriter suse-upgrade-php7-xsl 
suse-upgrade-php7-zip suse-upgrade-php7-zlib suse-upgrade-php74 suse-upgrade-php74-bcmath suse-upgrade-php74-bz2 suse-upgrade-php74-calendar suse-upgrade-php74-ctype suse-upgrade-php74-curl suse-upgrade-php74-dba suse-upgrade-php74-devel suse-upgrade-php74-dom suse-upgrade-php74-enchant suse-upgrade-php74-exif suse-upgrade-php74-fastcgi suse-upgrade-php74-fileinfo suse-upgrade-php74-fpm suse-upgrade-php74-ftp suse-upgrade-php74-gd suse-upgrade-php74-gettext suse-upgrade-php74-gmp suse-upgrade-php74-iconv suse-upgrade-php74-intl suse-upgrade-php74-json suse-upgrade-php74-ldap suse-upgrade-php74-mbstring suse-upgrade-php74-mysql suse-upgrade-php74-odbc suse-upgrade-php74-opcache suse-upgrade-php74-openssl suse-upgrade-php74-pcntl suse-upgrade-php74-pdo suse-upgrade-php74-pgsql suse-upgrade-php74-phar suse-upgrade-php74-posix suse-upgrade-php74-readline suse-upgrade-php74-shmop suse-upgrade-php74-snmp suse-upgrade-php74-soap suse-upgrade-php74-sockets suse-upgrade-php74-sodium suse-upgrade-php74-sqlite suse-upgrade-php74-sysvmsg suse-upgrade-php74-sysvsem suse-upgrade-php74-sysvshm suse-upgrade-php74-tidy suse-upgrade-php74-tokenizer suse-upgrade-php74-xmlreader suse-upgrade-php74-xmlrpc suse-upgrade-php74-xmlwriter suse-upgrade-php74-xsl suse-upgrade-php74-zip suse-upgrade-php74-zlib suse-upgrade-php8 suse-upgrade-php8-bcmath suse-upgrade-php8-bz2 suse-upgrade-php8-calendar suse-upgrade-php8-cli suse-upgrade-php8-ctype suse-upgrade-php8-curl suse-upgrade-php8-dba suse-upgrade-php8-devel suse-upgrade-php8-dom suse-upgrade-php8-embed suse-upgrade-php8-enchant suse-upgrade-php8-exif suse-upgrade-php8-fastcgi suse-upgrade-php8-fileinfo suse-upgrade-php8-fpm suse-upgrade-php8-ftp suse-upgrade-php8-gd suse-upgrade-php8-gettext suse-upgrade-php8-gmp suse-upgrade-php8-iconv suse-upgrade-php8-intl suse-upgrade-php8-ldap suse-upgrade-php8-mbstring suse-upgrade-php8-mysql suse-upgrade-php8-odbc suse-upgrade-php8-opcache suse-upgrade-php8-openssl suse-upgrade-php8-pcntl 
suse-upgrade-php8-pdo suse-upgrade-php8-pgsql suse-upgrade-php8-phar suse-upgrade-php8-posix suse-upgrade-php8-readline suse-upgrade-php8-shmop suse-upgrade-php8-snmp suse-upgrade-php8-soap suse-upgrade-php8-sockets suse-upgrade-php8-sodium suse-upgrade-php8-sqlite suse-upgrade-php8-sysvmsg suse-upgrade-php8-sysvsem suse-upgrade-php8-sysvshm suse-upgrade-php8-test suse-upgrade-php8-tidy suse-upgrade-php8-tokenizer suse-upgrade-php8-xmlreader suse-upgrade-php8-xmlwriter suse-upgrade-php8-xsl suse-upgrade-php8-zip suse-upgrade-php8-zlib References https://attackerkb.com/topics/cve-2023-0568 CVE - 2023-0568
-
Joomla!: [20230201] - Core - Improper access check in webservice endpoints (CVE-2023-23752)
Joomla!: [20230201] - Core - Improper access check in webservice endpoints (CVE-2023-23752) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 02/16/2023 Created 12/07/2023 Added 12/06/2023 Modified 01/28/2025 Description An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. Solution(s) joomla-upgrade-4_2_8 References https://attackerkb.com/topics/cve-2023-23752 CVE - 2023-23752 http://developer.joomla.org/security-centre/894-20230201-core-improper-access-check-in-webservice-endpoints.html
-
Huawei EulerOS: CVE-2023-25153: docker-engine security update
Huawei EulerOS: CVE-2023-25153: docker-engine security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/28/2025 Description containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images. Solution(s) huawei-euleros-2_0_sp9-upgrade-docker-engine References https://attackerkb.com/topics/cve-2023-25153 CVE - 2023-25153 EulerOS-SA-2023-1864
-
Huawei EulerOS: CVE-2023-25173: docker-engine security update
Huawei EulerOS: CVE-2023-25173: docker-engine security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/16/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/30/2025 Description containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. This bug has been fixed in containerd v1.6.18 and v.1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups. Solution(s) huawei-euleros-2_0_sp9-upgrade-docker-engine References https://attackerkb.com/topics/cve-2023-25173 CVE - 2023-25173 EulerOS-SA-2023-1864
-
SUSE: CVE-2022-21216: SUSE Linux Security Advisory
SUSE: CVE-2022-21216: SUSE Linux Security Advisory Severity 7 CVSS (AV:A/AC:L/Au:M/C:C/I:C/A:C) Published 02/16/2023 Created 02/22/2023 Added 02/21/2023 Modified 01/28/2025 Description Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access. Solution(s) suse-upgrade-ucode-intel References https://attackerkb.com/topics/cve-2022-21216 CVE - 2022-21216
-
Amazon Linux 2023: CVE-2022-38090: Medium priority package update for microcode_ctl
Amazon Linux 2023: CVE-2022-38090: Medium priority package update for microcode_ctl Severity 4 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:N) Published 02/16/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access. A flaw was found in the Linux kernel. A potential security vulnerability in some Intel Processors with Intel Software Guard Extensions (SGX) may allow information disclosure. This flaw may allow a privileged user to enable information disclosure via local access. Solution(s) amazon-linux-2023-upgrade-microcode-ctl References https://attackerkb.com/topics/cve-2022-38090 CVE - 2022-38090 https://alas.aws.amazon.com/AL2023/ALAS-2023-189.html
-
Amazon Linux 2023: CVE-2023-23920: Medium priority package update for nodejs
Amazon Linux 2023: CVE-2023-23920: Medium priority package update for nodejs Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:C/A:N) Published 02/16/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description An untrusted search path vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges. Solution(s) amazon-linux-2023-upgrade-nodejs amazon-linux-2023-upgrade-nodejs-debuginfo amazon-linux-2023-upgrade-nodejs-debugsource amazon-linux-2023-upgrade-nodejs-devel amazon-linux-2023-upgrade-nodejs-docs amazon-linux-2023-upgrade-nodejs-full-i18n amazon-linux-2023-upgrade-nodejs-libs amazon-linux-2023-upgrade-nodejs-libs-debuginfo amazon-linux-2023-upgrade-npm amazon-linux-2023-upgrade-v8-devel References https://attackerkb.com/topics/cve-2023-23920 CVE - 2023-23920 https://alas.aws.amazon.com/AL2023/ALAS-2023-210.html
-
Amazon Linux AMI 2: CVE-2022-21216: Security patch for microcode_ctl (ALAS-2023-2056)
Amazon Linux AMI 2: CVE-2022-21216: Security patch for microcode_ctl (ALAS-2023-2056) Severity 7 CVSS (AV:A/AC:L/Au:M/C:C/I:C/A:C) Published 02/16/2023 Created 06/06/2023 Added 06/06/2023 Modified 01/28/2025 Description Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access. Solution(s) amazon-linux-ami-2-upgrade-microcode_ctl amazon-linux-ami-2-upgrade-microcode_ctl-debuginfo References https://attackerkb.com/topics/cve-2022-21216 AL2/ALAS-2023-2056 CVE - 2022-21216
-
Gentoo Linux: CVE-2023-25173: containerd: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-25173: containerd: Multiple Vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/16/2023 Created 08/08/2024 Added 08/07/2024 Modified 01/30/2025 Description containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. This bug has been fixed in containerd v1.6.18 and v.1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups. Solution(s) gentoo-linux-upgrade-app-containers-containerd References https://attackerkb.com/topics/cve-2023-25173 CVE - 2023-25173 202408-01
-
Red Hat OpenShift: CVE-2023-25173: containerd: Supplementary groups are not set up properly
Red Hat OpenShift: CVE-2023-25173: containerd: Supplementary groups are not set up properly Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/16/2023 Created 05/11/2023 Added 05/11/2023 Modified 01/30/2025 Description containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. This bug has been fixed in containerd v1.6.18 and v.1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups. Solution(s) linuxrpm-upgrade-openshift4-wincw-windows-machine-config-rhel8-operator linuxrpm-upgrade-openshift4-wincw-windows-machine-config-rhel9-operator References https://attackerkb.com/topics/cve-2023-25173 CVE - 2023-25173 RHSA-2023:1326 RHSA-2023:1372 RHSA-2023:2029 RHSA-2023:2107 RHSA-2023:3450 RHSA-2023:3455 RHSA-2023:3537 RHSA-2023:4025 RHSA-2023:4226 RHSA-2023:4488 RHSA-2023:4671 RHSA-2023:5006 RHSA-2023:5314 RHSA-2023:6473 RHSA-2023:6474 RHSA-2023:6817 RHSA-2023:6939
-
Ubuntu: (CVE-2021-43529): thunderbird vulnerability
Ubuntu: (CVE-2021-43529): thunderbird vulnerability Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 02/16/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures. Solution(s) ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2021-43529 CVE - 2021-43529 https://www.cve.org/CVERecord?id=CVE-2021-43529 https://www.openwall.com/lists/oss-security/2021/12/01/6
-
Amazon Linux AMI 2: CVE-2023-25153: Security patch for containerd (Multiple Advisories)
Amazon Linux AMI 2: CVE-2023-25153: Security patch for containerd (Multiple Advisories) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 05/05/2023 Added 04/06/2023 Modified 01/28/2025 Description containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images. Solution(s) amazon-linux-ami-2-upgrade-containerd amazon-linux-ami-2-upgrade-containerd-debuginfo amazon-linux-ami-2-upgrade-containerd-stress References https://attackerkb.com/topics/cve-2023-25153 AL2/ALASDOCKER-2023-023 AL2/ALASDOCKER-2024-035 AL2/ALASECS-2023-002 AL2/ALASNITRO-ENCLAVES-2023-023 AL2/ALASNITRO-ENCLAVES-2024-035 CVE - 2023-25153
-
Huawei EulerOS: CVE-2023-25173: docker-engine security update
Huawei EulerOS: CVE-2023-25173: docker-engine security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/16/2023 Created 05/18/2023 Added 05/18/2023 Modified 01/30/2025 Description containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. This bug has been fixed in containerd v1.6.18 and v.1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups. Solution(s) huawei-euleros-2_0_sp10-upgrade-docker-engine References https://attackerkb.com/topics/cve-2023-25173 CVE - 2023-25173 EulerOS-SA-2023-1971
-
Gentoo Linux: CVE-2023-0662: PHP: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-0662: PHP: Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 08/14/2024 Added 08/13/2024 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space. Solution(s) gentoo-linux-upgrade-dev-lang-php References https://attackerkb.com/topics/cve-2023-0662 CVE - 2023-0662 202408-32
-
Amazon Linux AMI 2: CVE-2023-0662: Security patch for php (Multiple Advisories)
Amazon Linux AMI 2: CVE-2023-0662: Security patch for php (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 09/14/2023 Added 09/14/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space. Solution(s) amazon-linux-ami-2-upgrade-php amazon-linux-ami-2-upgrade-php-bcmath amazon-linux-ami-2-upgrade-php-cli amazon-linux-ami-2-upgrade-php-common amazon-linux-ami-2-upgrade-php-dba amazon-linux-ami-2-upgrade-php-dbg amazon-linux-ami-2-upgrade-php-debuginfo amazon-linux-ami-2-upgrade-php-devel amazon-linux-ami-2-upgrade-php-embedded amazon-linux-ami-2-upgrade-php-enchant amazon-linux-ami-2-upgrade-php-fpm amazon-linux-ami-2-upgrade-php-gd amazon-linux-ami-2-upgrade-php-gmp amazon-linux-ami-2-upgrade-php-intl amazon-linux-ami-2-upgrade-php-ldap amazon-linux-ami-2-upgrade-php-mbstring amazon-linux-ami-2-upgrade-php-mysqlnd amazon-linux-ami-2-upgrade-php-odbc amazon-linux-ami-2-upgrade-php-opcache amazon-linux-ami-2-upgrade-php-pdo amazon-linux-ami-2-upgrade-php-pgsql amazon-linux-ami-2-upgrade-php-process amazon-linux-ami-2-upgrade-php-pspell amazon-linux-ami-2-upgrade-php-recode amazon-linux-ami-2-upgrade-php-snmp amazon-linux-ami-2-upgrade-php-soap amazon-linux-ami-2-upgrade-php-sodium amazon-linux-ami-2-upgrade-php-xml amazon-linux-ami-2-upgrade-php-xmlrpc References https://attackerkb.com/topics/cve-2023-0662 AL2/ALAS-2023-2375 AL2/ALASPHP8.0-2023-002 AL2/ALASPHP8.1-2023-002 AL2/ALASPHP8.2-2023-001 CVE - 2023-0662
-
SUSE: CVE-2023-0767: SUSE Linux Security Advisory
SUSE: CVE-2023-0767: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 02/16/2023 Created 02/18/2023 Added 02/17/2023 Modified 01/28/2025 Description An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. Solution(s) suse-upgrade-libfreebl3 suse-upgrade-libfreebl3-32bit suse-upgrade-libfreebl3-hmac suse-upgrade-libfreebl3-hmac-32bit suse-upgrade-libsoftokn3 suse-upgrade-libsoftokn3-32bit suse-upgrade-libsoftokn3-hmac suse-upgrade-libsoftokn3-hmac-32bit suse-upgrade-mozilla-nss suse-upgrade-mozilla-nss-32bit suse-upgrade-mozilla-nss-certs suse-upgrade-mozilla-nss-certs-32bit suse-upgrade-mozilla-nss-devel suse-upgrade-mozilla-nss-sysinit suse-upgrade-mozilla-nss-sysinit-32bit suse-upgrade-mozilla-nss-tools suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2023-0767 CVE - 2023-0767
-
SUSE: CVE-2022-38090: SUSE Linux Security Advisory
SUSE: CVE-2022-38090: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:N) Published 02/16/2023 Created 02/22/2023 Added 02/21/2023 Modified 01/28/2025 Description Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access. Solution(s) suse-upgrade-ucode-intel References https://attackerkb.com/topics/cve-2022-38090 CVE - 2022-38090
-
Alpine Linux: CVE-2022-33196: Incorrect Default Permissions
Alpine Linux: CVE-2022-33196: Incorrect Default Permissions Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 02/16/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/02/2024 Description Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) alpine-linux-upgrade-intel-ucode References https://attackerkb.com/topics/cve-2022-33196 CVE - 2022-33196 https://security.alpinelinux.org/vuln/CVE-2022-33196
-
Alpine Linux: CVE-2022-21216: Vulnerability in Multiple Components
Alpine Linux: CVE-2022-21216: Vulnerability in Multiple Components Severity 7 CVSS (AV:A/AC:L/Au:M/C:C/I:C/A:C) Published 02/16/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/02/2024 Description Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access. Solution(s) alpine-linux-upgrade-intel-ucode References https://attackerkb.com/topics/cve-2022-21216 CVE - 2022-21216 https://security.alpinelinux.org/vuln/CVE-2022-21216
-
Oracle Linux: CVE-2023-24807: ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-24807: ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 05/05/2023 Added 04/05/2023 Modified 01/08/2025 Description Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available. Solution(s) oracle-linux-upgrade-nodejs oracle-linux-upgrade-nodejs-devel oracle-linux-upgrade-nodejs-docs oracle-linux-upgrade-nodejs-full-i18n oracle-linux-upgrade-nodejs-libs oracle-linux-upgrade-nodejs-nodemon oracle-linux-upgrade-nodejs-packaging oracle-linux-upgrade-nodejs-packaging-bundler oracle-linux-upgrade-npm References https://attackerkb.com/topics/cve-2023-24807 CVE - 2023-24807 ELSA-2023-1582 ELSA-2023-2654 ELSA-2023-2655 ELSA-2023-1583