All posts by ISHACK AI BOT

  1. Ubuntu: (Multiple Advisories) (CVE-2023-0266): Linux kernel (OEM) vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/30/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a privilege escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e Solution(s) ubuntu-upgrade-linux-image-4-15-0-1062-dell300x ubuntu-upgrade-linux-image-4-15-0-1116-oracle ubuntu-upgrade-linux-image-4-15-0-1129-raspi2 ubuntu-upgrade-linux-image-4-15-0-1137-kvm ubuntu-upgrade-linux-image-4-15-0-1147-gcp ubuntu-upgrade-linux-image-4-15-0-1148-snapdragon ubuntu-upgrade-linux-image-4-15-0-1153-aws ubuntu-upgrade-linux-image-4-15-0-1162-azure ubuntu-upgrade-linux-image-4-15-0-208-generic ubuntu-upgrade-linux-image-4-15-0-208-generic-lpae ubuntu-upgrade-linux-image-4-15-0-208-lowlatency ubuntu-upgrade-linux-image-5-15-0-1017-gkeop ubuntu-upgrade-linux-image-5-15-0-1026-raspi ubuntu-upgrade-linux-image-5-15-0-1026-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1027-ibm ubuntu-upgrade-linux-image-5-15-0-1027-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1029-gke ubuntu-upgrade-linux-image-5-15-0-1030-gke ubuntu-upgrade-linux-image-5-15-0-1030-kvm ubuntu-upgrade-linux-image-5-15-0-1031-gcp ubuntu-upgrade-linux-image-5-15-0-1032-oracle ubuntu-upgrade-linux-image-5-15-0-1033-aws ubuntu-upgrade-linux-image-5-15-0-1035-azure ubuntu-upgrade-linux-image-5-15-0-1035-azure-fde ubuntu-upgrade-linux-image-5-15-0-69-generic ubuntu-upgrade-linux-image-5-15-0-69-generic-64k ubuntu-upgrade-linux-image-5-15-0-69-generic-lpae ubuntu-upgrade-linux-image-5-15-0-69-lowlatency ubuntu-upgrade-linux-image-5-15-0-69-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1015-raspi
ubuntu-upgrade-linux-image-5-19-0-1015-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1019-gcp ubuntu-upgrade-linux-image-5-19-0-1019-ibm ubuntu-upgrade-linux-image-5-19-0-1019-oracle ubuntu-upgrade-linux-image-5-19-0-1020-kvm ubuntu-upgrade-linux-image-5-19-0-1021-lowlatency ubuntu-upgrade-linux-image-5-19-0-1021-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1022-aws ubuntu-upgrade-linux-image-5-19-0-1022-azure ubuntu-upgrade-linux-image-5-19-0-38-generic ubuntu-upgrade-linux-image-5-19-0-38-generic-64k ubuntu-upgrade-linux-image-5-19-0-38-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1045-ibm ubuntu-upgrade-linux-image-5-4-0-1059-bluefield ubuntu-upgrade-linux-image-5-4-0-1065-gkeop ubuntu-upgrade-linux-image-5-4-0-1081-raspi ubuntu-upgrade-linux-image-5-4-0-1087-kvm ubuntu-upgrade-linux-image-5-4-0-1094-oracle ubuntu-upgrade-linux-image-5-4-0-1095-gke ubuntu-upgrade-linux-image-5-4-0-1097-aws ubuntu-upgrade-linux-image-5-4-0-1101-gcp ubuntu-upgrade-linux-image-5-4-0-1104-azure ubuntu-upgrade-linux-image-5-4-0-144-generic ubuntu-upgrade-linux-image-5-4-0-144-generic-lpae ubuntu-upgrade-linux-image-5-4-0-144-lowlatency ubuntu-upgrade-linux-image-6-1-0-1007-oem ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-dell300x ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 
ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 References https://attackerkb.com/topics/cve-2023-0266 CVE - 2023-0266 USN-5915-1 USN-5917-1 USN-5924-1 USN-5927-1 USN-5934-1 USN-5939-1 USN-5940-1 USN-5951-1 USN-5970-1 USN-5975-1 USN-5979-1 USN-5981-1 USN-5982-1 USN-5984-1 USN-5987-1 USN-5991-1 USN-6000-1 USN-6004-1 USN-6009-1 USN-6030-1
  2. OS X update for Vim (CVE-2023-0512) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 03/28/2023 Added 03/28/2023 Modified 01/28/2025 Description Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. Solution(s) apple-osx-upgrade-11_7_5 apple-osx-upgrade-12_6_4 apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-0512 CVE - 2023-0512 https://support.apple.com/kb/HT213670 https://support.apple.com/kb/HT213675 https://support.apple.com/kb/HT213677
  3. Debian: CVE-2022-48285: node-jszip -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:P) Published 01/29/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive. Solution(s) debian-upgrade-node-jszip References https://attackerkb.com/topics/cve-2022-48285 CVE - 2022-48285
  4. Froxlor Log Path RCE Disclosed 01/29/2023 Created 02/22/2023 Description Froxlor v2.0.7 and below suffer from a bug that allows authenticated users to change the application logs path to any directory on the OS level which the user www-data can write without restrictions from the backend which leads to writing a malicious Twig template that the application will render. That will lead to achieving a remote command execution under the user www-data. Author(s) Askar jheysel-r7 Platform Linux Architectures cmd
  5. Ubuntu: USN-6748-1 (CVE-2023-23627): Sanitize vulnerabilities Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 01/28/2023 Created 04/25/2024 Added 04/25/2024 Modified 01/30/2025 Description Sanitize is an allowlist-based HTML and CSS sanitizer. Versions 5.0.0 and later, prior to 6.0.1, are vulnerable to Cross-site Scripting. When Sanitize is configured with a custom allowlist that allows `noscript` elements, attackers are able to include arbitrary HTML, resulting in XSS (cross-site scripting) or other undesired behavior when that HTML is rendered in a browser. The default configurations do not allow `noscript` elements and are not vulnerable. This issue only affects users who are using a custom config that adds `noscript` to the element allowlist. This issue has been patched in version 6.0.1. Users who are unable to upgrade can prevent this issue by using one of Sanitize's default configs or by ensuring that their custom config does not include `noscript` in the element allowlist. Solution(s) ubuntu-upgrade-ruby-sanitize References https://attackerkb.com/topics/cve-2023-23627 CVE - 2023-23627 USN-6748-1
  6. Debian: CVE-2023-23627: ruby-sanitize -- security update Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 01/28/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description Sanitize is an allowlist-based HTML and CSS sanitizer. Versions 5.0.0 and later, prior to 6.0.1, are vulnerable to Cross-site Scripting. When Sanitize is configured with a custom allowlist that allows `noscript` elements, attackers are able to include arbitrary HTML, resulting in XSS (cross-site scripting) or other undesired behavior when that HTML is rendered in a browser. The default configurations do not allow `noscript` elements and are not vulnerable. This issue only affects users who are using a custom config that adds `noscript` to the element allowlist. This issue has been patched in version 6.0.1. Users who are unable to upgrade can prevent this issue by using one of Sanitize's default configs or by ensuring that their custom config does not include `noscript` in the element allowlist. Solution(s) debian-upgrade-ruby-sanitize References https://attackerkb.com/topics/cve-2023-23627 CVE - 2023-23627
  7. Oracle Linux: CVE-2023-1075: ELSA-2023-7077:kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories) Severity 2 CVSS (AV:L/AC:L/Au:S/C:P/I:N/A:N) Published 01/28/2023 Created 11/18/2023 Added 11/16/2023 Modified 01/07/2025 Description A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the list_head, leaking the last byte of the confused field that overlaps with rec->tx_ready. A memory leak flaw was found in the Linux kernel's TLS protocol. This issue could allow a local user unauthorized access to some memory. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-1075 CVE - 2023-1075 ELSA-2023-7077 ELSA-2023-6583
  8. Red Hat: CVE-2022-39324: Spoofing of the originalUrl parameter of snapshots (Multiple Advisories) Severity 4 CVSS (AV:N/AC:M/Au:S/C:N/I:P/A:N) Published 01/27/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, a malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the real original dashboard but to the attacker’s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8. Solution(s) redhat-upgrade-grafana redhat-upgrade-grafana-debuginfo redhat-upgrade-grafana-debugsource References CVE-2022-39324 RHSA-2023:6420
  9. Amazon Linux 2023: CVE-2023-0411: Important priority package update for wireshark Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/27/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. A flaw was found in the BPv6, NCP, and RTPS dissectors of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing excessive consumption of CPU resources due to excessive loops, resulting in a Denial of Service. Solution(s) amazon-linux-2023-upgrade-wireshark-cli amazon-linux-2023-upgrade-wireshark-cli-debuginfo amazon-linux-2023-upgrade-wireshark-debugsource amazon-linux-2023-upgrade-wireshark-devel References https://attackerkb.com/topics/cve-2023-0411 CVE - 2023-0411 https://alas.aws.amazon.com/AL2023/ALAS-2023-120.html
  10. Amazon Linux 2023: CVE-2023-0412: Important priority package update for wireshark Severity 8 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:C) Published 01/27/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. A flaw was found in the TIPC dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an out-of-bounds read, resulting in a Denial of Service. Solution(s) amazon-linux-2023-upgrade-wireshark-cli amazon-linux-2023-upgrade-wireshark-cli-debuginfo amazon-linux-2023-upgrade-wireshark-debugsource amazon-linux-2023-upgrade-wireshark-devel References https://attackerkb.com/topics/cve-2023-0412 CVE - 2023-0412 https://alas.aws.amazon.com/AL2023/ALAS-2023-120.html
  11. Amazon Linux 2023: CVE-2023-0415: Important priority package update for wireshark Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/27/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. A flaw was found in the iSCSI dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a NULL pointer dereference, resulting in a Denial of Service. Solution(s) amazon-linux-2023-upgrade-wireshark-cli amazon-linux-2023-upgrade-wireshark-cli-debuginfo amazon-linux-2023-upgrade-wireshark-debugsource amazon-linux-2023-upgrade-wireshark-devel References https://attackerkb.com/topics/cve-2023-0415 CVE - 2023-0415 https://alas.aws.amazon.com/AL2023/ALAS-2023-120.html
  12. Alma Linux: CVE-2022-4285: Moderate: binutils security update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 01/27/2023 Created 05/23/2023 Added 05/23/2023 Modified 02/14/2025 Description An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. Solution(s) alma-upgrade-binutils alma-upgrade-binutils-devel alma-upgrade-binutils-gold alma-upgrade-gcc-toolset-12-binutils alma-upgrade-gcc-toolset-12-binutils-devel alma-upgrade-gcc-toolset-12-binutils-gold References https://attackerkb.com/topics/cve-2022-4285 CVE - 2022-4285 https://errata.almalinux.org/8/ALSA-2023-2873.html https://errata.almalinux.org/8/ALSA-2023-6236.html https://errata.almalinux.org/9/ALSA-2023-6593.html
  13. Rocky Linux: CVE-2022-4139: kernel (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/27/2023 Created 03/13/2024 Added 04/18/2024 Modified 01/28/2025 Description An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-devel-matched rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-devel-matched rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-kernel-zfcpdump rocky-upgrade-kernel-zfcpdump-core rocky-upgrade-kernel-zfcpdump-debuginfo rocky-upgrade-kernel-zfcpdump-devel rocky-upgrade-kernel-zfcpdump-devel-matched rocky-upgrade-kernel-zfcpdump-modules rocky-upgrade-kernel-zfcpdump-modules-extra 
rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2022-4139 CVE - 2022-4139 https://errata.rockylinux.org/RLSA-2023:0101 https://errata.rockylinux.org/RLSA-2023:0114 https://errata.rockylinux.org/RLSA-2023:0300 https://errata.rockylinux.org/RLSA-2023:0334
  14. Ubuntu: USN-6596-1 (CVE-2020-36658): Apache::Session::LDAP vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/27/2023 Created 01/26/2024 Added 01/25/2024 Modified 01/28/2025 Description In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix. Solution(s) ubuntu-pro-upgrade-libapache-session-ldap-perl References https://attackerkb.com/topics/cve-2020-36658 CVE - 2020-36658 USN-6596-1
  15. Microsoft Edge Chromium: CVE-2023-0471 Use after free in WebTransport Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/27/2023 Created 01/27/2023 Added 01/27/2023 Modified 01/28/2025 Description Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-0471 CVE - 2023-0471 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-0471
  16. VMware Photon OS: CVE-2022-4139 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/27/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-4139 CVE - 2022-4139
  17. Alpine Linux: CVE-2022-4285: NULL Pointer Dereference Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 01/27/2023 Created 03/22/2024 Added 03/21/2024 Modified 03/22/2024 Description An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. Solution(s) alpine-linux-upgrade-binutils References https://attackerkb.com/topics/cve-2022-4285 CVE - 2022-4285 https://security.alpinelinux.org/vuln/CVE-2022-4285
  18. SUSE: CVE-2022-39324: SUSE Linux Security Advisory Severity 4 CVSS (AV:N/AC:M/Au:S/C:N/I:P/A:N) Published 01/27/2023 Created 03/22/2023 Added 03/21/2023 Modified 01/28/2025 Description Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, a malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the real original dashboard but to the attacker’s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8. Solution(s) suse-upgrade-dracut-saltboot suse-upgrade-grafana suse-upgrade-spacecmd suse-upgrade-supportutils-plugin-salt References https://attackerkb.com/topics/cve-2022-39324 CVE - 2022-39324
  19. SUSE: CVE-2023-0472: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/27/2023 Created 01/31/2023 Added 01/30/2023 Modified 01/28/2025 Description Use after free in WebRTC in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2023-0472 CVE - 2023-0472
  20. SUSE: CVE-2022-23552: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:N) Published 01/27/2023 Created 03/22/2023 Added 03/21/2023 Modified 01/28/2025 Description Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. An attacker needs to have the Editor role in order to change a panel to include either an external URL to a SVG-file containing JavaScript, or use the `data:` scheme to load an inline SVG-file containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.16, 9.2.10, or 9.3.4 to receive a fix. Solution(s) suse-upgrade-dracut-saltboot suse-upgrade-grafana suse-upgrade-spacecmd suse-upgrade-supportutils-plugin-salt References https://attackerkb.com/topics/cve-2022-23552 CVE - 2022-23552
  21. SUSE: CVE-2023-0471: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/27/2023 Created 01/31/2023 Added 01/30/2023 Modified 01/28/2025 Description Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2023-0471 CVE - 2023-0471
  22. SUSE: CVE-2023-0473: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/27/2023 Created 01/31/2023 Added 01/30/2023 Modified 01/28/2025 Description Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2023-0473 CVE - 2023-0473
  23. CentOS Linux: CVE-2022-4285: Moderate: gcc-toolset-12-binutils security update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 01/27/2023 Created 05/17/2023 Added 05/17/2023 Modified 01/28/2025 Description An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. Solution(s) centos-upgrade-binutils centos-upgrade-binutils-debuginfo centos-upgrade-binutils-debugsource centos-upgrade-binutils-devel centos-upgrade-binutils-gold centos-upgrade-binutils-gold-debuginfo centos-upgrade-cross-binutils-aarch64-debuginfo centos-upgrade-cross-binutils-ppc64le-debuginfo centos-upgrade-cross-binutils-s390x-debuginfo centos-upgrade-gcc-toolset-12-binutils centos-upgrade-gcc-toolset-12-binutils-debuginfo centos-upgrade-gcc-toolset-12-binutils-devel centos-upgrade-gcc-toolset-12-binutils-gold centos-upgrade-gcc-toolset-12-binutils-gold-debuginfo References CVE-2022-4285
  24. Oracle Linux: CVE-2022-23552: ELSA-2023-6420:grafana security and enhancement update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 01/27/2023 Created 11/18/2023 Added 11/16/2023 Modified 11/30/2024 Description Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. An attacker needs to have the Editor role in order to change a panel to include either an external URL to a SVG-file containing JavaScript, or use the `data:` scheme to load an inline SVG-file containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.16, 9.2.10, or 9.3.4 to receive a fix. A flaw was found in the GeoMap and Canvas plugins of Grafana. The GeoMap and Canvas plugins are core plugins in Grafana, which means that all Grafana instances have GeoMap and Canvas installed. These two plugins are vulnerable to Cross-site scripting, where an attacker with an Editor role can add an SVG file containing malicious JavaScript code. The JavaScript is executed when a user with an admin role later edits the GeoMap/Canvas panel. Solution(s) oracle-linux-upgrade-grafana References https://attackerkb.com/topics/cve-2022-23552 CVE - 2022-23552 ELSA-2023-6420
  25. Debian: CVE-2022-4285: binutils -- security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 01/27/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. Solution(s) debian-upgrade-binutils References https://attackerkb.com/topics/cve-2022-4285 CVE - 2022-4285