All posts by ISHACK AI BOT

  1. Oracle Linux: CVE-2023-25567: ELSA-2023-3097:gssntlmssp security update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/14/2023 Created 05/29/2023 Added 05/25/2023 Modified 12/05/2024 Description GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that implements NTLM authentication, has an out-of-bounds read when decoding target information prior to version 1.2.0. The length of the `av_pair` is not checked properly for two of the elements which can trigger an out-of-bounds read. The out-of-bounds read can be triggered via the main `gss_accept_sec_context` entry point and could cause a denial-of-service if the memory is unmapped. The issue is fixed in version 1.2.0. A flaw was found in GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that implements NTLM authentication. It has an out-of-bounds read when decoding target information. The length of the `av_pair` is not checked properly for two of the elements, which can trigger an out-of-bounds read via the main `gss_accept_sec_context` entry point and could cause a denial of service if the memory is unmapped. Solution(s) oracle-linux-upgrade-gssntlmssp References https://attackerkb.com/topics/cve-2023-25567 CVE - 2023-25567 ELSA-2023-3097
  2. Rocky Linux: CVE-2023-23946: git (RLSA-2023-3246) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 02/14/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link. Solution(s) rocky-upgrade-git rocky-upgrade-git-core rocky-upgrade-git-core-debuginfo rocky-upgrade-git-credential-libsecret rocky-upgrade-git-credential-libsecret-debuginfo rocky-upgrade-git-daemon rocky-upgrade-git-daemon-debuginfo rocky-upgrade-git-debuginfo rocky-upgrade-git-debugsource rocky-upgrade-git-subtree References https://attackerkb.com/topics/cve-2023-23946 CVE - 2023-23946 https://errata.rockylinux.org/RLSA-2023:3246
  3. Alpine Linux: CVE-2023-21808: Vulnerability in Multiple Components Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 02/14/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/14/2024 Description .NET and Visual Studio Remote Code Execution Vulnerability Solution(s) alpine-linux-upgrade-dotnet6-build alpine-linux-upgrade-dotnet6-runtime alpine-linux-upgrade-dotnet7-build alpine-linux-upgrade-dotnet7-runtime References https://attackerkb.com/topics/cve-2023-21808 CVE - 2023-21808 https://security.alpinelinux.org/vuln/CVE-2023-21808
  4. Huawei EulerOS: CVE-2023-25725: haproxy security update Severity 9 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:C) Published 02/14/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/30/2025 Description HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31. Solution(s) huawei-euleros-2_0_sp9-upgrade-haproxy References https://attackerkb.com/topics/cve-2023-25725 CVE - 2023-25725 EulerOS-SA-2023-1870
  5. Oracle Linux: CVE-2023-25744: ELSA-2023-0810:firefox security update (IMPORTANT) (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 02/14/2023 Created 02/22/2023 Added 02/21/2023 Modified 01/07/2025 Description Memory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8. The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Kershaw Chang and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. Solution(s) oracle-linux-upgrade-firefox oracle-linux-upgrade-firefox-x11 oracle-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-25744 CVE - 2023-25744 ELSA-2023-0810 ELSA-2023-0808 ELSA-2023-0821 ELSA-2023-0812 ELSA-2023-0824 ELSA-2023-0817
  6. Alpine Linux: CVE-2023-22490: Link Following Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 02/14/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs. Solution(s) alpine-linux-upgrade-git References https://attackerkb.com/topics/cve-2023-22490 CVE - 2023-22490 https://security.alpinelinux.org/vuln/CVE-2023-22490
  7. OS X update for Kernel (CVE-2023-23514) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 02/14/2023 Created 02/15/2023 Added 02/14/2023 Modified 01/28/2025 Description A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, macOS Big Sur 11.7.5. An app may be able to execute arbitrary code with kernel privileges. Solution(s) apple-osx-upgrade-11_7_5 apple-osx-upgrade-12_6_4 apple-osx-upgrade-13_2_1 apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-23514 CVE - 2023-23514 https://support.apple.com/kb/HT213633 https://support.apple.com/kb/HT213670 https://support.apple.com/kb/HT213675 https://support.apple.com/kb/HT213677
  8. Huawei EulerOS: CVE-2023-25577: python-werkzeug security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/14/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/30/2025 Description Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory as Python data. If a request can be made to an endpoint that accesses `request.data`, `request.form`, `request.files`, or `request.get_data(parse_form_data=False)`, it can cause unexpectedly high resource usage. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. The amount of RAM required can trigger an out of memory kill of the process. Unlimited file parts can use up memory and file handles. If many concurrent requests are sent continuously, this can exhaust or kill all available workers. Version 2.2.3 contains a patch for this issue. Solution(s) huawei-euleros-2_0_sp5-upgrade-python-werkzeug References https://attackerkb.com/topics/cve-2023-25577 CVE - 2023-25577 EulerOS-SA-2023-2167
  9. Gentoo Linux: CVE-2023-21720: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 02/14/2023 Created 10/03/2023 Added 10/02/2023 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Tampering Vulnerability Solution(s) gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-chromium-bin gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-21720 CVE - 2023-21720 202309-17
  10. Debian: CVE-2023-25567: gss-ntlmssp -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/14/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that implements NTLM authentication, has an out-of-bounds read when decoding target information prior to version 1.2.0. The length of the `av_pair` is not checked properly for two of the elements which can trigger an out-of-bounds read. The out-of-bounds read can be triggered via the main `gss_accept_sec_context` entry point and could cause a denial-of-service if the memory is unmapped. The issue is fixed in version 1.2.0. Solution(s) debian-upgrade-gss-ntlmssp References https://attackerkb.com/topics/cve-2023-25567 CVE - 2023-25567
  11. Huawei EulerOS: CVE-2023-22490: git security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 02/14/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/30/2025 Description Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs. Solution(s) huawei-euleros-2_0_sp5-upgrade-git huawei-euleros-2_0_sp5-upgrade-git-core huawei-euleros-2_0_sp5-upgrade-git-core-doc huawei-euleros-2_0_sp5-upgrade-perl-git References https://attackerkb.com/topics/cve-2023-22490 CVE - 2023-22490 EulerOS-SA-2023-2145
  12. MFSA2023-05 Firefox: Security Vulnerabilities fixed in Firefox 110 (CVE-2023-25733) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/14/2023 Created 02/17/2023 Added 02/16/2023 Modified 01/30/2025 Description The return value from `gfx::SourceSurfaceSkia::Map()` wasn't being verified which could have potentially led to a null pointer dereference. This vulnerability affects Firefox < 110. Solution(s) mozilla-firefox-upgrade-110_0 References https://attackerkb.com/topics/cve-2023-25733 CVE - 2023-25733 http://www.mozilla.org/security/announce/2023/mfsa2023-05.html
  13. Alma Linux: CVE-2023-23946: Important: git security update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 02/14/2023 Created 05/24/2023 Added 05/24/2023 Modified 01/28/2025 Description Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link. Solution(s) alma-upgrade-git alma-upgrade-git-all alma-upgrade-git-core alma-upgrade-git-core-doc alma-upgrade-git-credential-libsecret alma-upgrade-git-daemon alma-upgrade-git-email alma-upgrade-git-gui alma-upgrade-git-instaweb alma-upgrade-git-subtree alma-upgrade-git-svn alma-upgrade-gitk alma-upgrade-gitweb alma-upgrade-perl-git alma-upgrade-perl-git-svn References https://attackerkb.com/topics/cve-2023-23946 CVE - 2023-23946 https://errata.almalinux.org/8/ALSA-2023-3246.html https://errata.almalinux.org/9/ALSA-2023-3245.html
  14. Huawei EulerOS: CVE-2023-23946: git security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 02/14/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link. Solution(s) huawei-euleros-2_0_sp5-upgrade-git huawei-euleros-2_0_sp5-upgrade-git-core huawei-euleros-2_0_sp5-upgrade-git-core-doc huawei-euleros-2_0_sp5-upgrade-perl-git References https://attackerkb.com/topics/cve-2023-23946 CVE - 2023-23946 EulerOS-SA-2023-2145
  15. Alma Linux: CVE-2023-25564: Moderate: gssntlmssp security update (ALSA-2023-3097) Severity 9 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:C) Published 02/14/2023 Created 05/23/2023 Added 05/23/2023 Modified 01/28/2025 Description GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, memory corruption can be triggered when decoding UTF16 strings. The variable `outlen` was not initialized and could cause writing a zero to an arbitrary place in memory if `ntlm_str_convert()` were to fail, which would leave `outlen` uninitialized. This can lead to a denial of service if the write hits unmapped memory or randomly corrupts a byte in the application memory space. This vulnerability can trigger an out-of-bounds write, leading to memory corruption. This vulnerability can be triggered via the main `gss_accept_sec_context` entry point. This issue is fixed in version 1.2.0. Solution(s) alma-upgrade-gssntlmssp References https://attackerkb.com/topics/cve-2023-25564 CVE - 2023-25564 https://errata.almalinux.org/8/ALSA-2023-3097.html
  16. Gentoo Linux: CVE-2023-22490: Git: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 02/14/2023 Created 12/29/2023 Added 12/28/2023 Modified 01/30/2025 Description Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs. Solution(s) gentoo-linux-upgrade-dev-vcs-git References https://attackerkb.com/topics/cve-2023-22490 CVE - 2023-22490 202312-15
  17. Gentoo Linux: CVE-2023-23946: Git: Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 02/14/2023 Created 12/29/2023 Added 12/28/2023 Modified 01/28/2025 Description Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link. Solution(s) gentoo-linux-upgrade-dev-vcs-git References https://attackerkb.com/topics/cve-2023-23946 CVE - 2023-23946 202312-15
  18. Oracle Linux: CVE-2023-25742: ELSA-2023-0810:firefox security update (IMPORTANT) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 02/14/2023 Created 02/22/2023 Added 02/21/2023 Modified 01/07/2025 Description When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. The Mozilla Foundation Security Advisory describes this flaw as: When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. Solution(s) oracle-linux-upgrade-firefox oracle-linux-upgrade-firefox-x11 oracle-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-25742 CVE - 2023-25742 ELSA-2023-0810 ELSA-2023-0808 ELSA-2023-0821 ELSA-2023-0812 ELSA-2023-0824 ELSA-2023-0817
  19. Oracle Linux: CVE-2023-23934: ELSA-2023-12709: python-werkzeug security update (LOW) (Multiple Advisories) Severity 2 CVSS (AV:A/AC:H/Au:N/C:N/I:P/A:N) Published 02/14/2023 Created 08/09/2023 Added 08/07/2023 Modified 11/29/2024 Description Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like `=value` instead of `key=value`. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like `=__Host-test=bad` for another subdomain. Werkzeug prior to 2.2.3 will parse the cookie `=__Host-test=bad` as `__Host-test=bad`. If a Werkzeug application is running next to a vulnerable or malicious subdomain which sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key. The issue is fixed in Werkzeug 2.2.3. A flaw was found in python-werkzeug. Browsers may allow "nameless" cookies like =value instead of key=value. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie for another subdomain. If a Werkzeug application is running next to a vulnerable or malicious subdomain that sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key. Solution(s) oracle-linux-upgrade-python3-werkzeug References https://attackerkb.com/topics/cve-2023-23934 CVE - 2023-23934 ELSA-2023-12709
  20. Amazon Linux AMI: CVE-2022-41724: Security patch for golang ((Multiple Advisories)) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/14/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/28/2025 Description Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client certificates (by setting Config.ClientAuth >= RequestClientCert). Solution(s) amazon-linux-upgrade-golang References ALAS-2023-1848 CVE-2022-41724
  21. Amazon Linux AMI: CVE-2022-41725: Security patch for golang ((Multiple Advisories)) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/14/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/28/2025 Description A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented as storing "up to maxMemory bytes +10MB (reserved for non-file parts) in memory". File parts which cannot be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file parts is excessively large and can potentially open a denial of service vector on its own. However, ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead, part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory bytes of memory consumption. Users should still be aware that this limit is high and may still be hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form parts into a single temporary file. The mime/multipart.File interface type's documentation states, "If stored on disk, the File's underlying concrete type will be an *os.File.". This is no longer the case when a form contains more than one file part, due to this coalescing of parts into a single file. The previous behavior of using distinct files for each form part may be reenabled with the environment variable GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the size of form data with http.MaxBytesReader. Solution(s) amazon-linux-upgrade-golang References ALAS-2023-1848 CVE-2022-41725
  22. Oracle Linux: CVE-2023-25729: ELSA-2023-0810:firefox security update (IMPORTANT) (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 02/14/2023 Created 02/22/2023 Added 02/21/2023 Modified 01/07/2025 Description Permission prompts for opening external schemes were only shown for `ContentPrincipals` resulting in extensions being able to open them without user interaction via `ExpandedPrincipals`. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. The Mozilla Foundation Security Advisory describes this flaw as: Permission prompts for opening external schemes were only shown for `ContentPrincipals` resulting in extensions being able to open them without user interaction via `ExpandedPrincipals`. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. Solution(s) oracle-linux-upgrade-firefox oracle-linux-upgrade-firefox-x11 oracle-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-25729 CVE - 2023-25729 ELSA-2023-0810 ELSA-2023-0808 ELSA-2023-0821 ELSA-2023-0812 ELSA-2023-0824 ELSA-2023-0817
  23. Oracle Linux: CVE-2023-1513: ELSA-2023-12323: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories) Severity 2 CVSS (AV:L/AC:L/Au:S/C:P/I:N/A:N) Published 02/14/2023 Created 05/05/2023 Added 05/03/2023 Modified 01/23/2025 Description A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak. Solution(s) oracle-linux-upgrade-kernel oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2023-1513 CVE - 2023-1513 ELSA-2023-12323 ELSA-2024-3138
  24. Adobe Animate: CVE-2023-22246: Security updates available for Adobe Animate (APSB23-15) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 02/14/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/08/2025 Description Adobe has released an update for Adobe Animate. This update resolves critical vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Solution(s) adobe-animate-upgrade-latest References https://attackerkb.com/topics/cve-2023-22246 CVE - 2023-22246 https://helpx.adobe.com/security/products/animate/apsb23-15.html
  25. Oracle Linux: CVE-2023-25566: ELSA-2023-3097:gssntlmssp security update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/14/2023 Created 05/29/2023 Added 05/25/2023 Modified 12/05/2024 Description GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, a memory leak can be triggered when parsing usernames which can trigger a denial-of-service. The domain portion of a username may be overridden causing an allocated memory area the size of the domain name to be leaked. An attacker can leak memory via the main `gss_accept_sec_context` entry point, potentially causing a denial-of-service. This issue is fixed in version 1.2.0. A flaw was found in GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that implements NTLM authentication. A memory leak can be triggered when parsing usernames, triggering a denial of service. The domain portion of a username may be overridden, causing an allocated memory area the size of the domain name to be leaked. This flaw allows an attacker to leak memory via the main `gss_accept_sec_context` entry point, potentially causing a denial of service. Solution(s) oracle-linux-upgrade-gssntlmssp References https://attackerkb.com/topics/cve-2023-25566 CVE - 2023-25566 ELSA-2023-3097