ISHACK AI BOT

Huawei EulerOS: CVE-2022-44617: libXpm security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/06/2023 Created 05/05/2023 Added 04/13/2023 Modified 01/28/2025 Description A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library. Solution(s) huawei-euleros-2_0_sp8-upgrade-libxpm huawei-euleros-2_0_sp8-upgrade-libxpm-devel References https://attackerkb.com/topics/cve-2022-44617 CVE - 2022-44617 EulerOS-SA-2023-1615

Huawei EulerOS: CVE-2023-0687: glibc security update Severity 4 CVSS (AV:A/AC:H/Au:S/C:P/I:P/A:P) Published 02/06/2023 Created 07/23/2024 Added 07/23/2024 Modified 10/08/2024 Description A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It's basically trusted input or input that needs an actual security flaw to be compromised or controlled. Solution(s) huawei-euleros-2_0_sp8-upgrade-glibc huawei-euleros-2_0_sp8-upgrade-glibc-all-langpacks huawei-euleros-2_0_sp8-upgrade-glibc-common huawei-euleros-2_0_sp8-upgrade-glibc-devel huawei-euleros-2_0_sp8-upgrade-glibc-headers huawei-euleros-2_0_sp8-upgrade-glibc-langpack-aa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-af huawei-euleros-2_0_sp8-upgrade-glibc-langpack-agr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ak huawei-euleros-2_0_sp8-upgrade-glibc-langpack-am huawei-euleros-2_0_sp8-upgrade-glibc-langpack-an huawei-euleros-2_0_sp8-upgrade-glibc-langpack-anp huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ar huawei-euleros-2_0_sp8-upgrade-glibc-langpack-as huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ast huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ayc huawei-euleros-2_0_sp8-upgrade-glibc-langpack-az huawei-euleros-2_0_sp8-upgrade-glibc-langpack-be huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bem huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ber huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bg huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bhb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bho huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-br huawei-euleros-2_0_sp8-upgrade-glibc-langpack-brx huawei-euleros-2_0_sp8-upgrade-glibc-langpack-bs huawei-euleros-2_0_sp8-upgrade-glibc-langpack-byn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ca huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ce huawei-euleros-2_0_sp8-upgrade-glibc-langpack-chr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-cmn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-crh huawei-euleros-2_0_sp8-upgrade-glibc-langpack-cs huawei-euleros-2_0_sp8-upgrade-glibc-langpack-csb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-cv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-cy huawei-euleros-2_0_sp8-upgrade-glibc-langpack-da huawei-euleros-2_0_sp8-upgrade-glibc-langpack-de huawei-euleros-2_0_sp8-upgrade-glibc-langpack-doi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-dsb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-dv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-dz huawei-euleros-2_0_sp8-upgrade-glibc-langpack-el huawei-euleros-2_0_sp8-upgrade-glibc-langpack-en huawei-euleros-2_0_sp8-upgrade-glibc-langpack-eo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-es huawei-euleros-2_0_sp8-upgrade-glibc-langpack-et huawei-euleros-2_0_sp8-upgrade-glibc-langpack-eu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ff huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fil huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fur huawei-euleros-2_0_sp8-upgrade-glibc-langpack-fy huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ga huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gd huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gez huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-gv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ha huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hak huawei-euleros-2_0_sp8-upgrade-glibc-langpack-he huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hif huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hne huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hsb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ht huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-hy huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ia huawei-euleros-2_0_sp8-upgrade-glibc-langpack-id huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ig huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ik huawei-euleros-2_0_sp8-upgrade-glibc-langpack-is huawei-euleros-2_0_sp8-upgrade-glibc-langpack-it huawei-euleros-2_0_sp8-upgrade-glibc-langpack-iu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ja huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ka huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kab huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-km huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ko huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kok huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ks huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ku huawei-euleros-2_0_sp8-upgrade-glibc-langpack-kw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ky huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lg huawei-euleros-2_0_sp8-upgrade-glibc-langpack-li huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lij huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ln huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lt huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-lzh huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mag huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mai huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mfe huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mg huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mhr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-miq huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mjw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ml huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mni huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ms huawei-euleros-2_0_sp8-upgrade-glibc-langpack-mt huawei-euleros-2_0_sp8-upgrade-glibc-langpack-my huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nan huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nb huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nds huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ne huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nhn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-niu huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-nso huawei-euleros-2_0_sp8-upgrade-glibc-langpack-oc huawei-euleros-2_0_sp8-upgrade-glibc-langpack-om huawei-euleros-2_0_sp8-upgrade-glibc-langpack-or huawei-euleros-2_0_sp8-upgrade-glibc-langpack-os huawei-euleros-2_0_sp8-upgrade-glibc-langpack-pa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-pap huawei-euleros-2_0_sp8-upgrade-glibc-langpack-pl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ps huawei-euleros-2_0_sp8-upgrade-glibc-langpack-pt huawei-euleros-2_0_sp8-upgrade-glibc-langpack-quz huawei-euleros-2_0_sp8-upgrade-glibc-langpack-raj huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ro huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ru huawei-euleros-2_0_sp8-upgrade-glibc-langpack-rw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sah huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sat huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sc huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sd huawei-euleros-2_0_sp8-upgrade-glibc-langpack-se huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sgs huawei-euleros-2_0_sp8-upgrade-glibc-langpack-shn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-shs huawei-euleros-2_0_sp8-upgrade-glibc-langpack-si huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sid huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sm huawei-euleros-2_0_sp8-upgrade-glibc-langpack-so huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sq huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ss huawei-euleros-2_0_sp8-upgrade-glibc-langpack-st huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sv huawei-euleros-2_0_sp8-upgrade-glibc-langpack-sw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-szl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ta huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tcy huawei-euleros-2_0_sp8-upgrade-glibc-langpack-te huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tg huawei-euleros-2_0_sp8-upgrade-glibc-langpack-th huawei-euleros-2_0_sp8-upgrade-glibc-langpack-the huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ti huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tig huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tl huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tn huawei-euleros-2_0_sp8-upgrade-glibc-langpack-to huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tpi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tr huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ts huawei-euleros-2_0_sp8-upgrade-glibc-langpack-tt huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ug huawei-euleros-2_0_sp8-upgrade-glibc-langpack-uk huawei-euleros-2_0_sp8-upgrade-glibc-langpack-unm huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ur huawei-euleros-2_0_sp8-upgrade-glibc-langpack-uz huawei-euleros-2_0_sp8-upgrade-glibc-langpack-ve huawei-euleros-2_0_sp8-upgrade-glibc-langpack-vi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-wa huawei-euleros-2_0_sp8-upgrade-glibc-langpack-wae huawei-euleros-2_0_sp8-upgrade-glibc-langpack-wal huawei-euleros-2_0_sp8-upgrade-glibc-langpack-wo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-xh huawei-euleros-2_0_sp8-upgrade-glibc-langpack-yi huawei-euleros-2_0_sp8-upgrade-glibc-langpack-yo huawei-euleros-2_0_sp8-upgrade-glibc-langpack-yue huawei-euleros-2_0_sp8-upgrade-glibc-langpack-yuw huawei-euleros-2_0_sp8-upgrade-glibc-langpack-zh huawei-euleros-2_0_sp8-upgrade-glibc-langpack-zu huawei-euleros-2_0_sp8-upgrade-glibc-locale-source huawei-euleros-2_0_sp8-upgrade-glibc-minimal-langpack huawei-euleros-2_0_sp8-upgrade-glibc-static huawei-euleros-2_0_sp8-upgrade-glibc-utils huawei-euleros-2_0_sp8-upgrade-libnsl huawei-euleros-2_0_sp8-upgrade-nscd huawei-euleros-2_0_sp8-upgrade-nss_db huawei-euleros-2_0_sp8-upgrade-nss_hesiod References https://attackerkb.com/topics/cve-2023-0687 CVE - 2023-0687 EulerOS-SA-2024-2466

Huawei EulerOS: CVE-2022-44617: libXpm security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/06/2023 Created 03/22/2023 Added 03/20/2023 Modified 01/28/2025 Description A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library. Solution(s) huawei-euleros-2_0_sp10-upgrade-libxpm References https://attackerkb.com/topics/cve-2022-44617 CVE - 2022-44617 EulerOS-SA-2023-1556

Debian: CVE-2022-44267: imagemagick -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 02/06/2023 Created 02/17/2023 Added 02/16/2023 Modified 01/28/2025 Description ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input. Solution(s) debian-upgrade-imagemagick References https://attackerkb.com/topics/cve-2022-44267 CVE - 2022-44267 DSA-5347 DSA-5347-1

VMware Photon OS: CVE-2022-44268 Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 02/06/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it). Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-44268 CVE - 2022-44268

Red Hat: CVE-2023-0430: Revocation status of S/Mime signature certificates was not checked (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 02/06/2023 Created 02/08/2023 Added 02/08/2023 Modified 01/28/2025 Description Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. This vulnerability affects Thunderbird < 102.7.1. Solution(s) redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2023-0430 RHSA-2023:0600 RHSA-2023:0603 RHSA-2023:0605 RHSA-2023:0606 RHSA-2023:0607 RHSA-2023:0608 View more

Debian: CVE-2023-0615: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 02/06/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as VIDIOC_S_DV_TIMINGS ioctl. This could allow a local user to crash the system if vivid test code enabled. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-0615 CVE - 2023-0615

Debian: CVE-2023-23942: nextcloud-desktop -- security update Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 02/06/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description The Nextcloud Desktop Client is a tool to synchronize files from a Nextcloud Server with your computer. Versions prior to 3.6.3 are missing sanitisation on qml labels which are used for basic HTML elements such as `strong`, `em` and `head` lines in the UI of the desktop client. The lack of sanitisation may allow for javascript injection. It is recommended that the Nextcloud Desktop Client is upgraded to 3.6.3. There are no known workarounds for this issue. Solution(s) debian-upgrade-nextcloud-desktop References https://attackerkb.com/topics/cve-2023-23942 CVE - 2023-23942

Amazon Linux 2023: CVE-2022-44267: Medium priority package update for ImageMagick Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/06/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input. A vulnerability was found in ImageMagick that is triggered when the software parses a PNG image containing a single dash (-) in the filename. To remotely exploit this bug, an attacker can upload a malicious PNG with a text chunk that adds a single dash in the name to any site using ImageMagick. The site would then parse the image, and ImageMagick would interpret the text string as the filename, loading the content as a raw profile. If this text string contains a single dash, the program would then try to read content from the standard input, potentially leaving the conversion process waiting infinitely, causing a denial of service. Solution(s) amazon-linux-2023-upgrade-imagemagick amazon-linux-2023-upgrade-imagemagick-c amazon-linux-2023-upgrade-imagemagick-c-debuginfo amazon-linux-2023-upgrade-imagemagick-c-devel amazon-linux-2023-upgrade-imagemagick-debuginfo amazon-linux-2023-upgrade-imagemagick-debugsource amazon-linux-2023-upgrade-imagemagick-devel amazon-linux-2023-upgrade-imagemagick-doc amazon-linux-2023-upgrade-imagemagick-libs amazon-linux-2023-upgrade-imagemagick-libs-debuginfo amazon-linux-2023-upgrade-imagemagick-perl amazon-linux-2023-upgrade-imagemagick-perl-debuginfo References https://attackerkb.com/topics/cve-2022-44267 CVE - 2022-44267 https://alas.aws.amazon.com/AL2023/ALAS-2023-121.html

Amazon Linux AMI 2: CVE-2022-44268: Security patch for ImageMagick (ALAS-2023-1961) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 02/06/2023 Created 02/23/2023 Added 02/23/2023 Modified 01/28/2025 Description ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it). Solution(s) amazon-linux-ami-2-upgrade-imagemagick amazon-linux-ami-2-upgrade-imagemagick-c amazon-linux-ami-2-upgrade-imagemagick-c-devel amazon-linux-ami-2-upgrade-imagemagick-debuginfo amazon-linux-ami-2-upgrade-imagemagick-devel amazon-linux-ami-2-upgrade-imagemagick-doc amazon-linux-ami-2-upgrade-imagemagick-perl References https://attackerkb.com/topics/cve-2022-44268 AL2/ALAS-2023-1961 CVE - 2022-44268

Oracle Linux: CVE-2023-1077: ELSA-2024-12150: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 02/06/2023 Created 02/06/2024 Added 02/02/2024 Modified 01/23/2025 Description In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption. A memory corruption flaw was found in the Linux kernel&apos;s scheduler subsystem. This could allow a local user to crash the system or potentially escalate their privileges on the system. Solution(s) oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2023-1077 CVE - 2023-1077 ELSA-2024-12150 ELSA-2024-12110

Gentoo Linux: CVE-2022-44617: libXpm: Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/06/2023 Created 08/08/2024 Added 08/08/2024 Modified 01/28/2025 Description A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library. Solution(s) gentoo-linux-upgrade-x11-libs-libxpm References https://attackerkb.com/topics/cve-2022-44617 CVE - 2022-44617 202408-03

Debian: CVE-2022-44268: imagemagick -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 02/06/2023 Created 02/17/2023 Added 02/16/2023 Modified 01/28/2025 Description ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it). Solution(s) debian-upgrade-imagemagick References https://attackerkb.com/topics/cve-2022-44268 CVE - 2022-44268 DSA-5347 DSA-5347-1

Gentoo Linux: CVE-2022-44267: ImageMagick: Multiple Vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 02/06/2023 Created 05/06/2024 Added 05/06/2024 Modified 01/28/2025 Description ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input. Solution(s) gentoo-linux-upgrade-media-gfx-imagemagick References https://attackerkb.com/topics/cve-2022-44267 CVE - 2022-44267 202405-02

Gentoo Linux: CVE-2023-25193: HarfBuzz: Denial of Service Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/04/2023 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. Solution(s) gentoo-linux-upgrade-media-libs-harfbuzz References https://attackerkb.com/topics/cve-2023-25193 CVE - 2023-25193 202407-24

Huawei EulerOS: CVE-2023-25193: harfbuzz security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/04/2023 Created 02/13/2024 Added 02/12/2024 Modified 01/28/2025 Description hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. Solution(s) huawei-euleros-2_0_sp5-upgrade-harfbuzz huawei-euleros-2_0_sp5-upgrade-harfbuzz-devel huawei-euleros-2_0_sp5-upgrade-harfbuzz-icu References https://attackerkb.com/topics/cve-2023-25193 CVE - 2023-25193 EulerOS-SA-2024-1142

Amazon Linux AMI 2: CVE-2023-25193: Security patch for harfbuzz, java-11-amazon-corretto, java-17-amazon-corretto, thunderbird (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/04/2023 Created 03/08/2023 Added 03/07/2023 Modified 01/28/2025 Description hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. Solution(s) amazon-linux-ami-2-upgrade-harfbuzz amazon-linux-ami-2-upgrade-harfbuzz-debuginfo amazon-linux-ami-2-upgrade-harfbuzz-devel amazon-linux-ami-2-upgrade-harfbuzz-icu amazon-linux-ami-2-upgrade-java-11-amazon-corretto amazon-linux-ami-2-upgrade-java-11-amazon-corretto-headless amazon-linux-ami-2-upgrade-java-11-amazon-corretto-javadoc amazon-linux-ami-2-upgrade-java-17-amazon-corretto amazon-linux-ami-2-upgrade-java-17-amazon-corretto-devel amazon-linux-ami-2-upgrade-java-17-amazon-corretto-headless amazon-linux-ami-2-upgrade-java-17-amazon-corretto-javadoc amazon-linux-ami-2-upgrade-java-17-amazon-corretto-jmods amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2023-25193 AL2/ALAS-2023-1983 AL2/ALAS-2023-2137 AL2/ALAS-2023-2138 AL2/ALAS-2024-2587 CVE - 2023-25193

SUSE: CVE-2023-0341: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 02/01/2023 Created 05/05/2023 Added 05/05/2023 Modified 01/28/2025 Description A stack buffer overflow exists in the ec_glob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over the p_pcre buffer. Solution(s) suse-upgrade-editorconfig suse-upgrade-libeditorconfig-devel suse-upgrade-libeditorconfig-devel-32bit suse-upgrade-libeditorconfig-devel-64bit suse-upgrade-libeditorconfig0 suse-upgrade-libeditorconfig0-32bit suse-upgrade-libeditorconfig0-64bit References https://attackerkb.com/topics/cve-2023-0341 CVE - 2023-0341

Atlassian Bitbucket: Critical severity authentication vulnerability (CVE-2023-22501) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:P) Published 02/01/2023 Created 02/07/2023 Added 02/06/2023 Modified 03/03/2023 Description A critical severity authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances Solution(s) atlassian-jira-service-management-cve-2023-22501 References https://attackerkb.com/topics/cve-2023-22501 CVE - 2023-22501 https://jira.atlassian.com/browse/JSDSERVER-12312 https://confluence.atlassian.com/kb/faq-for-cve-2023-22501-1189797488.html https://confluence.atlassian.com/jira/jira-service-management-server-and-data-center-advisory-cve-2023-22501-1188786458.html

Amazon Linux AMI 2: CVE-2022-4254: Security patch for sssd (ALAS-2023-1995) Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 02/01/2023 Created 03/23/2023 Added 03/22/2023 Modified 01/28/2025 Description sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters Solution(s) amazon-linux-ami-2-upgrade-libipa_hbac amazon-linux-ami-2-upgrade-libipa_hbac-devel amazon-linux-ami-2-upgrade-libsss_autofs amazon-linux-ami-2-upgrade-libsss_certmap amazon-linux-ami-2-upgrade-libsss_certmap-devel amazon-linux-ami-2-upgrade-libsss_idmap amazon-linux-ami-2-upgrade-libsss_idmap-devel amazon-linux-ami-2-upgrade-libsss_nss_idmap amazon-linux-ami-2-upgrade-libsss_nss_idmap-devel amazon-linux-ami-2-upgrade-libsss_simpleifp amazon-linux-ami-2-upgrade-libsss_simpleifp-devel amazon-linux-ami-2-upgrade-libsss_sudo amazon-linux-ami-2-upgrade-python-libipa_hbac amazon-linux-ami-2-upgrade-python-libsss_nss_idmap amazon-linux-ami-2-upgrade-python-sss amazon-linux-ami-2-upgrade-python-sss-murmur amazon-linux-ami-2-upgrade-python-sssdconfig amazon-linux-ami-2-upgrade-sssd amazon-linux-ami-2-upgrade-sssd-ad amazon-linux-ami-2-upgrade-sssd-client amazon-linux-ami-2-upgrade-sssd-common amazon-linux-ami-2-upgrade-sssd-common-pac amazon-linux-ami-2-upgrade-sssd-dbus amazon-linux-ami-2-upgrade-sssd-debuginfo amazon-linux-ami-2-upgrade-sssd-ipa amazon-linux-ami-2-upgrade-sssd-kcm amazon-linux-ami-2-upgrade-sssd-krb5 amazon-linux-ami-2-upgrade-sssd-krb5-common amazon-linux-ami-2-upgrade-sssd-ldap amazon-linux-ami-2-upgrade-sssd-libwbclient amazon-linux-ami-2-upgrade-sssd-libwbclient-devel amazon-linux-ami-2-upgrade-sssd-polkit-rules amazon-linux-ami-2-upgrade-sssd-proxy amazon-linux-ami-2-upgrade-sssd-tools amazon-linux-ami-2-upgrade-sssd-winbind-idmap References https://attackerkb.com/topics/cve-2022-4254 AL2/ALAS-2023-1995 CVE - 2022-4254

F5 Networks: CVE-2023-23555: K24572686: BIG-IP Virtual Edition vulnerability CVE-2023-23555 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/01/2023 Created 08/27/2024 Added 08/23/2024 Modified 01/28/2025 Description On BIG-IP Virtual Edition versions 15.1x beginning in 15.1.4 to before 15.1.8 and 14.1.x beginning in 14.1.5 to before 14.1.5.3, and BIG-IP SPK beginning in 1.5.0 to before 1.6.0, when FastL4 profile is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2023-23555 CVE - 2023-23555 https://my.f5.com/manage/s/article/K24572686

F5 Networks: CVE-2023-22358: K76964818: BIG-IP Edge Client for Windows vulnerability CVE-2023-22358 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 02/01/2023 Created 12/07/2023 Added 12/06/2023 Modified 01/28/2025 Description In versions beginning with 7.2.2 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer.Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2023-22358 CVE - 2023-22358 https://my.f5.com/manage/s/article/K76964818

F5 Networks: CVE-2023-23552: K17542533: BIG-IP Advanced WAF and ASM vulnerability CVE-2023-23552 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/01/2023 Created 12/09/2023 Added 12/08/2023 Modified 01/28/2025 Description On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.0 before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP Advanced WAF or BIG-IP ASM security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization.Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2023-23552 CVE - 2023-23552 https://my.f5.com/manage/s/article/K17542533

F5 Networks: CVE-2023-22422: K43881487: HTTP profile vulnerability CVE-2023-22422 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/01/2023 Created 12/07/2023 Added 12/06/2023 Modified 01/28/2025 Description On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, when a HTTP profile with the non-default Enforcement options of Enforce HTTP Compliance and Unknown Methods: Reject are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate.Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2023-22422 CVE - 2023-22422 https://my.f5.com/manage/s/article/K43881487

F5 Networks: CVE-2023-22323: K56412001: BIG-IP SSL OCSP Authentication profile vulnerability CVE-2023-22323 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/01/2023 Created 12/07/2023 Added 12/06/2023 Modified 01/28/2025 Description In BIP-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization.Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2023-22323 CVE - 2023-22323 https://my.f5.com/manage/s/article/K56412001