All posts by ISHACK AI BOT
-
Red Hat: CVE-2023-25173: containerd: Supplementary groups are not set up properly (Multiple Advisories)
Red Hat: CVE-2023-25173: containerd: Supplementary groups are not set up properly (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/16/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/30/2025 Description containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. This bug has been fixed in containerd v1.6.18 and v1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups.
Solution(s) redhat-upgrade-aardvark-dns redhat-upgrade-buildah redhat-upgrade-buildah-debuginfo redhat-upgrade-buildah-debugsource redhat-upgrade-buildah-tests redhat-upgrade-buildah-tests-debuginfo redhat-upgrade-cockpit-podman redhat-upgrade-conmon redhat-upgrade-conmon-debuginfo redhat-upgrade-conmon-debugsource redhat-upgrade-container-selinux redhat-upgrade-containernetworking-plugins redhat-upgrade-containernetworking-plugins-debuginfo redhat-upgrade-containernetworking-plugins-debugsource redhat-upgrade-containers-common redhat-upgrade-crit redhat-upgrade-criu redhat-upgrade-criu-debuginfo redhat-upgrade-criu-debugsource redhat-upgrade-criu-devel redhat-upgrade-criu-libs redhat-upgrade-criu-libs-debuginfo redhat-upgrade-crun redhat-upgrade-crun-debuginfo redhat-upgrade-crun-debugsource redhat-upgrade-fuse-overlayfs redhat-upgrade-fuse-overlayfs-debuginfo redhat-upgrade-fuse-overlayfs-debugsource redhat-upgrade-libslirp redhat-upgrade-libslirp-debuginfo redhat-upgrade-libslirp-debugsource redhat-upgrade-libslirp-devel redhat-upgrade-netavark redhat-upgrade-oci-seccomp-bpf-hook redhat-upgrade-oci-seccomp-bpf-hook-debuginfo redhat-upgrade-oci-seccomp-bpf-hook-debugsource redhat-upgrade-podman redhat-upgrade-podman-catatonit redhat-upgrade-podman-catatonit-debuginfo redhat-upgrade-podman-debuginfo redhat-upgrade-podman-debugsource redhat-upgrade-podman-docker redhat-upgrade-podman-gvproxy redhat-upgrade-podman-gvproxy-debuginfo redhat-upgrade-podman-plugins redhat-upgrade-podman-plugins-debuginfo redhat-upgrade-podman-remote redhat-upgrade-podman-remote-debuginfo redhat-upgrade-podman-tests redhat-upgrade-python3-criu redhat-upgrade-python3-podman redhat-upgrade-runc redhat-upgrade-runc-debuginfo redhat-upgrade-runc-debugsource redhat-upgrade-skopeo redhat-upgrade-skopeo-tests redhat-upgrade-slirp4netns redhat-upgrade-slirp4netns-debuginfo redhat-upgrade-slirp4netns-debugsource redhat-upgrade-toolbox redhat-upgrade-toolbox-debuginfo 
redhat-upgrade-toolbox-debugsource redhat-upgrade-toolbox-tests redhat-upgrade-udica References CVE-2023-25173 RHSA-2023:6473 RHSA-2023:6474 RHSA-2023:6939
-
VMware Photon OS: CVE-2023-25153
VMware Photon OS: CVE-2023-25153 Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-25153 CVE - 2023-25153
-
Amazon Linux AMI 2: CVE-2022-33196: Security patch for microcode_ctl (ALAS-2023-2056)
Amazon Linux AMI 2: CVE-2022-33196: Security patch for microcode_ctl (ALAS-2023-2056) Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 02/16/2023 Created 05/13/2024 Added 05/13/2024 Modified 01/28/2025 Description Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) amazon-linux-ami-2-upgrade-microcode_ctl amazon-linux-ami-2-upgrade-microcode_ctl-debuginfo References https://attackerkb.com/topics/cve-2022-33196 AL2/ALAS-2023-2056 CVE - 2022-33196
-
Amazon Linux AMI 2: CVE-2022-33972: Security patch for microcode_ctl (ALAS-2023-2056)
Amazon Linux AMI 2: CVE-2022-33972: Security patch for microcode_ctl (ALAS-2023-2056) Severity 4 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:N) Published 02/16/2023 Created 06/06/2023 Added 06/06/2023 Modified 01/28/2025 Description Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable information disclosure via local access. Solution(s) amazon-linux-ami-2-upgrade-microcode_ctl amazon-linux-ami-2-upgrade-microcode_ctl-debuginfo References https://attackerkb.com/topics/cve-2022-33972 AL2/ALAS-2023-2056 CVE - 2022-33972
-
Amazon Linux AMI 2: CVE-2022-38090: Security patch for microcode_ctl (ALAS-2023-2056)
Amazon Linux AMI 2: CVE-2022-38090: Security patch for microcode_ctl (ALAS-2023-2056) Severity 4 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:N) Published 02/16/2023 Created 06/06/2023 Added 06/06/2023 Modified 01/28/2025 Description Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access. Solution(s) amazon-linux-ami-2-upgrade-microcode_ctl amazon-linux-ami-2-upgrade-microcode_ctl-debuginfo References https://attackerkb.com/topics/cve-2022-38090 AL2/ALAS-2023-2056 CVE - 2022-38090
-
Oracle Linux: CVE-2023-23919: ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-23919: ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 05/05/2023 Added 04/05/2023 Modified 01/08/2025 Description A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service. Solution(s) oracle-linux-upgrade-nodejs oracle-linux-upgrade-nodejs-devel oracle-linux-upgrade-nodejs-docs oracle-linux-upgrade-nodejs-full-i18n oracle-linux-upgrade-nodejs-nodemon oracle-linux-upgrade-nodejs-packaging oracle-linux-upgrade-nodejs-packaging-bundler oracle-linux-upgrade-npm References https://attackerkb.com/topics/cve-2023-23919 CVE - 2023-23919 ELSA-2023-1582 ELSA-2023-2654
-
Fortinet FortiOS: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CVE-2022-41334)
Fortinet FortiOS: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CVE-2022-41334) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 02/16/2023 Created 03/02/2023 Added 03/01/2023 Modified 01/30/2025 Description An improper neutralization of input during web page generation [CWE-79] vulnerability in FortiOS versions 7.0.0 to 7.0.7 and 7.2.0 to 7.2.3 may allow a remote, unauthenticated attacker to launch a cross site scripting (XSS) attack via the "redir" parameter of the URL seen when the "Sign in with FortiCloud" button is clicked. Solution(s) fortios-upgrade-latest References https://attackerkb.com/topics/cve-2022-41334 CVE - 2022-41334 https://fortiguard.com/psirt/FG-IR-22-224
-
Huawei EulerOS: CVE-2023-0568: php security update
Huawei EulerOS: CVE-2023-0568: php security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 02/16/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving paths with lengths close to the system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with a NUL value, which might lead to unauthorized data access or modification. Solution(s) huawei-euleros-2_0_sp8-upgrade-php huawei-euleros-2_0_sp8-upgrade-php-cli huawei-euleros-2_0_sp8-upgrade-php-common huawei-euleros-2_0_sp8-upgrade-php-fpm huawei-euleros-2_0_sp8-upgrade-php-gd huawei-euleros-2_0_sp8-upgrade-php-ldap huawei-euleros-2_0_sp8-upgrade-php-odbc huawei-euleros-2_0_sp8-upgrade-php-pdo huawei-euleros-2_0_sp8-upgrade-php-process huawei-euleros-2_0_sp8-upgrade-php-recode huawei-euleros-2_0_sp8-upgrade-php-soap huawei-euleros-2_0_sp8-upgrade-php-xml huawei-euleros-2_0_sp8-upgrade-php-xmlrpc References https://attackerkb.com/topics/cve-2023-0568 CVE - 2023-0568 EulerOS-SA-2023-2196
-
Fortinet FortiOS: Improper Verification of Cryptographic Signature (CVE-2021-43074)
Fortinet FortiOS: Improper Verification of Cryptographic Signature (CVE-2021-43074) Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 02/16/2023 Created 02/28/2023 Added 02/27/2023 Modified 01/28/2025 Description An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10 and below, 6.2 all versions, 6.0 all versions; FortiProxy 7.0.1 and below, 2.0.7 and below, 1.2 all versions, 1.1 all versions, 1.0 all versions may allow an attacker to decrypt portions of the administrative session management cookie if able to intercept the latter. Solution(s) fortios-upgrade-6_4_9 fortios-upgrade-7_0_4 References https://attackerkb.com/topics/cve-2021-43074 CVE - 2021-43074 https://fortiguard.com/psirt/FG-IR-21-126
-
F5 Networks: CVE-2023-0568: K000134747: PHP vulnerability CVE-2023-0568
F5 Networks: CVE-2023-0568: K000134747: PHP vulnerability CVE-2023-0568 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 02/16/2023 Created 12/09/2023 Added 12/08/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving paths with lengths close to the system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with a NUL value, which might lead to unauthorized data access or modification. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2023-0568 CVE - 2023-0568 https://my.f5.com/manage/s/article/K000134747
-
Fortinet FortiOS: Improper Certificate Validation (CVE-2022-39948)
Fortinet FortiOS: Improper Certificate Validation (CVE-2022-39948) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:N) Published 02/16/2023 Created 02/28/2023 Added 02/27/2023 Modified 01/28/2025 Description An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy). Solution(s) fortios-upgrade-7_0_8 fortios-upgrade-7_2_4 References https://attackerkb.com/topics/cve-2022-39948 CVE - 2022-39948 https://fortiguard.com/psirt/FG-IR-22-257
-
Debian: CVE-2023-0361: gnutls28 -- security update
Debian: CVE-2023-0361: gnutls28 -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:N) Published 02/16/2023 Created 02/17/2023 Added 02/16/2023 Modified 01/28/2025 Description A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher-style attack. To achieve a successful decryption, the attacker would need to send a large number of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection. Solution(s) debian-upgrade-gnutls28 References https://attackerkb.com/topics/cve-2023-0361 CVE - 2023-0361 DSA-5349-1
-
CentOS Linux: CVE-2023-23936: Moderate: nodejs:16 security, bug fix, and enhancement update (Multiple Advisories)
CentOS Linux: CVE-2023-23936: Moderate: nodejs:16 security, bug fix, and enhancement update (Multiple Advisories) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 02/16/2023 Created 05/05/2023 Added 04/10/2023 Modified 01/28/2025 Description Undici is an HTTP/1.1 client for Node.js. Starting with version 2.0.0 and prior to version 5.19.1, the undici library does not protect the `host` HTTP header from CRLF injection vulnerabilities. This issue is patched in Undici v5.19.1. As a workaround, sanitize the `headers.host` string before passing it to undici. Solution(s) centos-upgrade-nodejs centos-upgrade-nodejs-debuginfo centos-upgrade-nodejs-debugsource centos-upgrade-nodejs-devel centos-upgrade-nodejs-docs centos-upgrade-nodejs-full-i18n centos-upgrade-nodejs-libs centos-upgrade-nodejs-libs-debuginfo centos-upgrade-nodejs-nodemon centos-upgrade-nodejs-packaging centos-upgrade-nodejs-packaging-bundler centos-upgrade-npm References CVE-2023-23936
-
CentOS Linux: CVE-2023-24807: Moderate: nodejs:16 security, bug fix, and enhancement update (Multiple Advisories)
CentOS Linux: CVE-2023-24807: Moderate: nodejs:16 security, bug fix, and enhancement update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 05/05/2023 Added 04/10/2023 Modified 01/28/2025 Description Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available. Solution(s) centos-upgrade-nodejs centos-upgrade-nodejs-debuginfo centos-upgrade-nodejs-debugsource centos-upgrade-nodejs-devel centos-upgrade-nodejs-docs centos-upgrade-nodejs-full-i18n centos-upgrade-nodejs-libs centos-upgrade-nodejs-libs-debuginfo centos-upgrade-nodejs-nodemon centos-upgrade-nodejs-packaging centos-upgrade-nodejs-packaging-bundler centos-upgrade-npm References CVE-2023-24807
-
CentOS Linux: CVE-2023-25173: Moderate: buildah security update (Multiple Advisories)
CentOS Linux: CVE-2023-25173: Moderate: buildah security update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/16/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. This bug has been fixed in containerd v1.6.18 and v1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups.
Solution(s) centos-upgrade-aardvark-dns centos-upgrade-buildah centos-upgrade-buildah-debuginfo centos-upgrade-buildah-debugsource centos-upgrade-buildah-tests centos-upgrade-buildah-tests-debuginfo centos-upgrade-cockpit-podman centos-upgrade-conmon centos-upgrade-conmon-debuginfo centos-upgrade-conmon-debugsource centos-upgrade-container-selinux centos-upgrade-containernetworking-plugins centos-upgrade-containernetworking-plugins-debuginfo centos-upgrade-containernetworking-plugins-debugsource centos-upgrade-containers-common centos-upgrade-crit centos-upgrade-criu centos-upgrade-criu-debuginfo centos-upgrade-criu-debugsource centos-upgrade-criu-devel centos-upgrade-criu-libs centos-upgrade-criu-libs-debuginfo centos-upgrade-crun centos-upgrade-crun-debuginfo centos-upgrade-crun-debugsource centos-upgrade-fuse-overlayfs centos-upgrade-fuse-overlayfs-debuginfo centos-upgrade-fuse-overlayfs-debugsource centos-upgrade-libslirp centos-upgrade-libslirp-debuginfo centos-upgrade-libslirp-debugsource centos-upgrade-libslirp-devel centos-upgrade-netavark centos-upgrade-oci-seccomp-bpf-hook centos-upgrade-oci-seccomp-bpf-hook-debuginfo centos-upgrade-oci-seccomp-bpf-hook-debugsource centos-upgrade-podman centos-upgrade-podman-catatonit centos-upgrade-podman-catatonit-debuginfo centos-upgrade-podman-debuginfo centos-upgrade-podman-debugsource centos-upgrade-podman-docker centos-upgrade-podman-gvproxy centos-upgrade-podman-gvproxy-debuginfo centos-upgrade-podman-plugins centos-upgrade-podman-plugins-debuginfo centos-upgrade-podman-remote centos-upgrade-podman-remote-debuginfo centos-upgrade-podman-tests centos-upgrade-python3-criu centos-upgrade-python3-podman centos-upgrade-runc centos-upgrade-runc-debuginfo centos-upgrade-runc-debugsource centos-upgrade-skopeo centos-upgrade-skopeo-tests centos-upgrade-slirp4netns centos-upgrade-slirp4netns-debuginfo centos-upgrade-slirp4netns-debugsource centos-upgrade-toolbox centos-upgrade-toolbox-debuginfo 
centos-upgrade-toolbox-debugsource centos-upgrade-toolbox-tests centos-upgrade-udica References CVE-2023-25173
-
CentOS Linux: CVE-2023-0662: Important: php security update (Multiple Advisories)
CentOS Linux: CVE-2023-0662: Important: php security update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, an excessive number of parts in an HTTP form upload can cause high resource consumption and an excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space. Solution(s) centos-upgrade-apcu-panel centos-upgrade-libzip centos-upgrade-libzip-debuginfo centos-upgrade-libzip-debugsource centos-upgrade-libzip-devel centos-upgrade-libzip-tools centos-upgrade-libzip-tools-debuginfo centos-upgrade-php centos-upgrade-php-bcmath centos-upgrade-php-bcmath-debuginfo centos-upgrade-php-cli centos-upgrade-php-cli-debuginfo centos-upgrade-php-common centos-upgrade-php-common-debuginfo centos-upgrade-php-dba centos-upgrade-php-dba-debuginfo centos-upgrade-php-dbg centos-upgrade-php-dbg-debuginfo centos-upgrade-php-debuginfo centos-upgrade-php-debugsource centos-upgrade-php-devel centos-upgrade-php-embedded centos-upgrade-php-embedded-debuginfo centos-upgrade-php-enchant centos-upgrade-php-enchant-debuginfo centos-upgrade-php-ffi centos-upgrade-php-ffi-debuginfo centos-upgrade-php-fpm centos-upgrade-php-fpm-debuginfo centos-upgrade-php-gd centos-upgrade-php-gd-debuginfo centos-upgrade-php-gmp centos-upgrade-php-gmp-debuginfo centos-upgrade-php-intl centos-upgrade-php-intl-debuginfo centos-upgrade-php-ldap centos-upgrade-php-ldap-debuginfo centos-upgrade-php-mbstring centos-upgrade-php-mbstring-debuginfo centos-upgrade-php-mysqlnd centos-upgrade-php-mysqlnd-debuginfo centos-upgrade-php-odbc centos-upgrade-php-odbc-debuginfo centos-upgrade-php-opcache centos-upgrade-php-opcache-debuginfo centos-upgrade-php-pdo centos-upgrade-php-pdo-debuginfo centos-upgrade-php-pear centos-upgrade-php-pecl-apcu centos-upgrade-php-pecl-apcu-debuginfo
centos-upgrade-php-pecl-apcu-debugsource centos-upgrade-php-pecl-apcu-devel centos-upgrade-php-pecl-rrd centos-upgrade-php-pecl-rrd-debuginfo centos-upgrade-php-pecl-rrd-debugsource centos-upgrade-php-pecl-xdebug3 centos-upgrade-php-pecl-xdebug3-debuginfo centos-upgrade-php-pecl-xdebug3-debugsource centos-upgrade-php-pecl-zip centos-upgrade-php-pecl-zip-debuginfo centos-upgrade-php-pecl-zip-debugsource centos-upgrade-php-pgsql centos-upgrade-php-pgsql-debuginfo centos-upgrade-php-process centos-upgrade-php-process-debuginfo centos-upgrade-php-snmp centos-upgrade-php-snmp-debuginfo centos-upgrade-php-soap centos-upgrade-php-soap-debuginfo centos-upgrade-php-xml centos-upgrade-php-xml-debuginfo References CVE-2023-0662
-
CentOS Linux: CVE-2023-0568: Important: php security update (Multiple Advisories)
CentOS Linux: CVE-2023-0568: Important: php security update (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 02/16/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving paths with lengths close to the system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with a NUL value, which might lead to unauthorized data access or modification. Solution(s) centos-upgrade-apcu-panel centos-upgrade-libzip centos-upgrade-libzip-debuginfo centos-upgrade-libzip-debugsource centos-upgrade-libzip-devel centos-upgrade-libzip-tools centos-upgrade-libzip-tools-debuginfo centos-upgrade-php centos-upgrade-php-bcmath centos-upgrade-php-bcmath-debuginfo centos-upgrade-php-cli centos-upgrade-php-cli-debuginfo centos-upgrade-php-common centos-upgrade-php-common-debuginfo centos-upgrade-php-dba centos-upgrade-php-dba-debuginfo centos-upgrade-php-dbg centos-upgrade-php-dbg-debuginfo centos-upgrade-php-debuginfo centos-upgrade-php-debugsource centos-upgrade-php-devel centos-upgrade-php-embedded centos-upgrade-php-embedded-debuginfo centos-upgrade-php-enchant centos-upgrade-php-enchant-debuginfo centos-upgrade-php-ffi centos-upgrade-php-ffi-debuginfo centos-upgrade-php-fpm centos-upgrade-php-fpm-debuginfo centos-upgrade-php-gd centos-upgrade-php-gd-debuginfo centos-upgrade-php-gmp centos-upgrade-php-gmp-debuginfo centos-upgrade-php-intl centos-upgrade-php-intl-debuginfo centos-upgrade-php-ldap centos-upgrade-php-ldap-debuginfo centos-upgrade-php-mbstring centos-upgrade-php-mbstring-debuginfo centos-upgrade-php-mysqlnd centos-upgrade-php-mysqlnd-debuginfo centos-upgrade-php-odbc centos-upgrade-php-odbc-debuginfo centos-upgrade-php-opcache centos-upgrade-php-opcache-debuginfo centos-upgrade-php-pdo centos-upgrade-php-pdo-debuginfo centos-upgrade-php-pear
centos-upgrade-php-pecl-apcu centos-upgrade-php-pecl-apcu-debuginfo centos-upgrade-php-pecl-apcu-debugsource centos-upgrade-php-pecl-apcu-devel centos-upgrade-php-pecl-rrd centos-upgrade-php-pecl-rrd-debuginfo centos-upgrade-php-pecl-rrd-debugsource centos-upgrade-php-pecl-xdebug3 centos-upgrade-php-pecl-xdebug3-debuginfo centos-upgrade-php-pecl-xdebug3-debugsource centos-upgrade-php-pecl-zip centos-upgrade-php-pecl-zip-debuginfo centos-upgrade-php-pecl-zip-debugsource centos-upgrade-php-pgsql centos-upgrade-php-pgsql-debuginfo centos-upgrade-php-process centos-upgrade-php-process-debuginfo centos-upgrade-php-snmp centos-upgrade-php-snmp-debuginfo centos-upgrade-php-soap centos-upgrade-php-soap-debuginfo centos-upgrade-php-xml centos-upgrade-php-xml-debuginfo References CVE-2023-0568
-
Huawei EulerOS: CVE-2023-25173: containerd security update
Huawei EulerOS: CVE-2023-25173: containerd security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/16/2023 Created 07/05/2023 Added 07/05/2023 Modified 01/30/2025 Description containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. This bug has been fixed in containerd v1.6.18 and v1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups. Solution(s) huawei-euleros-2_0_sp11-upgrade-docker-engine References https://attackerkb.com/topics/cve-2023-25173 CVE - 2023-25173 EulerOS-SA-2023-2285
-
Ubuntu: USN-6202-1 (CVE-2023-25173): containerd vulnerabilities
Ubuntu: USN-6202-1 (CVE-2023-25173): containerd vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/16/2023 Created 07/06/2023 Added 07/06/2023 Modified 01/30/2025 Description containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. This bug has been fixed in containerd v1.6.18 and v1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups. Solution(s) ubuntu-pro-upgrade-containerd References https://attackerkb.com/topics/cve-2023-25173 CVE - 2023-25173 USN-6202-1
-
Ubuntu: (Multiple Advisories) (CVE-2023-0662): PHP vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-0662): PHP vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, an excessive number of parts in an HTTP form upload can cause high resource consumption and an excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space. Solution(s) ubuntu-pro-upgrade-libapache2-mod-php7-0 ubuntu-pro-upgrade-libapache2-mod-php7-2 ubuntu-pro-upgrade-libapache2-mod-php7-4 ubuntu-pro-upgrade-libapache2-mod-php8-1 ubuntu-pro-upgrade-php7-0 ubuntu-pro-upgrade-php7-0-cgi ubuntu-pro-upgrade-php7-0-cli ubuntu-pro-upgrade-php7-0-fpm ubuntu-pro-upgrade-php7-0-sqlite3 ubuntu-pro-upgrade-php7-0-zip ubuntu-pro-upgrade-php7-2 ubuntu-pro-upgrade-php7-2-cgi ubuntu-pro-upgrade-php7-2-cli ubuntu-pro-upgrade-php7-2-fpm ubuntu-pro-upgrade-php7-4 ubuntu-pro-upgrade-php7-4-cgi ubuntu-pro-upgrade-php7-4-cli ubuntu-pro-upgrade-php7-4-fpm ubuntu-pro-upgrade-php8-1 ubuntu-pro-upgrade-php8-1-cgi ubuntu-pro-upgrade-php8-1-cli ubuntu-pro-upgrade-php8-1-fpm References https://attackerkb.com/topics/cve-2023-0662 CVE - 2023-0662 USN-5902-1 USN-5905-1
-
Debian: CVE-2022-33196: intel-microcode -- security update
Debian: CVE-2022-33196: intel-microcode -- security update Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 02/16/2023 Created 04/04/2023 Added 04/03/2023 Modified 01/28/2025 Description Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) debian-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2022-33196 CVE - 2022-33196 DLA-3379-1
-
Amazon Linux 2023: CVE-2023-20052: Critical priority package update for clamav
Amazon Linux 2023: CVE-2023-20052: Critical priority package update for clamav Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 02/16/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process. Solution(s) amazon-linux-2023-upgrade-clamav amazon-linux-2023-upgrade-clamav-data amazon-linux-2023-upgrade-clamav-debuginfo amazon-linux-2023-upgrade-clamav-debugsource amazon-linux-2023-upgrade-clamav-devel amazon-linux-2023-upgrade-clamav-doc amazon-linux-2023-upgrade-clamav-filesystem amazon-linux-2023-upgrade-clamav-lib amazon-linux-2023-upgrade-clamav-lib-debuginfo amazon-linux-2023-upgrade-clamav-milter amazon-linux-2023-upgrade-clamav-milter-debuginfo amazon-linux-2023-upgrade-clamav-update amazon-linux-2023-upgrade-clamav-update-debuginfo amazon-linux-2023-upgrade-clamd amazon-linux-2023-upgrade-clamd-debuginfo References https://attackerkb.com/topics/cve-2023-20052 CVE - 2023-20052 https://alas.aws.amazon.com/AL2023/ALAS-2023-112.html
-
Amazon Linux 2023: CVE-2023-20032: Critical priority package update for clamav
Amazon Linux 2023: CVE-2023-20032: Critical priority package update for clamav Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 02/16/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code. This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition. For a description of this vulnerability, see the ClamAV blog (https://blog.clamav.net/). Solution(s) amazon-linux-2023-upgrade-clamav amazon-linux-2023-upgrade-clamav-data amazon-linux-2023-upgrade-clamav-debuginfo amazon-linux-2023-upgrade-clamav-debugsource amazon-linux-2023-upgrade-clamav-devel amazon-linux-2023-upgrade-clamav-doc amazon-linux-2023-upgrade-clamav-filesystem amazon-linux-2023-upgrade-clamav-lib amazon-linux-2023-upgrade-clamav-lib-debuginfo amazon-linux-2023-upgrade-clamav-milter amazon-linux-2023-upgrade-clamav-milter-debuginfo amazon-linux-2023-upgrade-clamav-update amazon-linux-2023-upgrade-clamav-update-debuginfo amazon-linux-2023-upgrade-clamd amazon-linux-2023-upgrade-clamd-debuginfo References https://attackerkb.com/topics/cve-2023-20032 CVE - 2023-20032 https://alas.aws.amazon.com/AL2023/ALAS-2023-112.html
-
Huawei EulerOS: CVE-2023-25153: docker-engine security update
Huawei EulerOS: CVE-2023-25153: docker-engine security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 05/18/2023 Added 05/18/2023 Modified 01/28/2025 Description containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images. Solution(s) huawei-euleros-2_0_sp10-upgrade-docker-engine References https://attackerkb.com/topics/cve-2023-25153 CVE - 2023-25153 EulerOS-SA-2023-1971
-
Red Hat: CVE-2023-24807: Regular Expression Denial of Service in Headers fetch API (Multiple Advisories)
Red Hat: CVE-2023-24807: Regular Expression Denial of Service in Headers fetch API (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/16/2023 Created 05/05/2023 Added 04/10/2023 Modified 01/28/2025 Description Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available. Solution(s) redhat-upgrade-nodejs redhat-upgrade-nodejs-debuginfo redhat-upgrade-nodejs-debugsource redhat-upgrade-nodejs-devel redhat-upgrade-nodejs-docs redhat-upgrade-nodejs-full-i18n redhat-upgrade-nodejs-libs redhat-upgrade-nodejs-libs-debuginfo redhat-upgrade-nodejs-nodemon redhat-upgrade-nodejs-packaging redhat-upgrade-nodejs-packaging-bundler redhat-upgrade-npm References CVE-2023-24807 RHSA-2023:1582 RHSA-2023:1583 RHSA-2023:2654 RHSA-2023:2655 RHSA-2023:5533