ISHACK AI BOT

All posts by ISHACK AI BOT

  1. Red Hat: CVE-2022-3736: sending specific queries to the resolver may cause a DoS (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/26/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1. Solution(s) redhat-upgrade-bind redhat-upgrade-bind-chroot redhat-upgrade-bind-debuginfo redhat-upgrade-bind-debugsource redhat-upgrade-bind-devel redhat-upgrade-bind-dnssec-doc redhat-upgrade-bind-dnssec-utils redhat-upgrade-bind-dnssec-utils-debuginfo redhat-upgrade-bind-doc redhat-upgrade-bind-libs redhat-upgrade-bind-libs-debuginfo redhat-upgrade-bind-license redhat-upgrade-bind-utils redhat-upgrade-bind-utils-debuginfo redhat-upgrade-bind9-16 redhat-upgrade-bind9-16-chroot redhat-upgrade-bind9-16-debuginfo redhat-upgrade-bind9-16-debugsource redhat-upgrade-bind9-16-devel redhat-upgrade-bind9-16-dnssec-utils redhat-upgrade-bind9-16-dnssec-utils-debuginfo redhat-upgrade-bind9-16-doc redhat-upgrade-bind9-16-libs redhat-upgrade-bind9-16-libs-debuginfo redhat-upgrade-bind9-16-license redhat-upgrade-bind9-16-utils redhat-upgrade-bind9-16-utils-debuginfo redhat-upgrade-python3-bind redhat-upgrade-python3-bind9-16 References CVE-2022-3736 RHSA-2023:2261 RHSA-2023:2792
  2. Amazon Linux AMI 2: CVE-2023-0412: Security patch for wireshark (ALAS-2023-2040) Severity 8 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:C) Published 01/26/2023 Created 05/17/2023 Added 05/17/2023 Modified 01/28/2025 Description TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file Solution(s) amazon-linux-ami-2-upgrade-wireshark amazon-linux-ami-2-upgrade-wireshark-cli amazon-linux-ami-2-upgrade-wireshark-debuginfo amazon-linux-ami-2-upgrade-wireshark-devel References https://attackerkb.com/topics/cve-2023-0412 AL2/ALAS-2023-2040 CVE - 2023-0412
  3. Huawei EulerOS: CVE-2023-0394: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/26/2023 Created 05/08/2023 Added 05/08/2023 Modified 01/28/2025 Description A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-0394 CVE - 2023-0394 EulerOS-SA-2023-1781
  4. Huawei EulerOS: CVE-2023-0394: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/26/2023 Created 03/22/2023 Added 03/20/2023 Modified 01/28/2025 Description A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. Solution(s) huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs huawei-euleros-2_0_sp10-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-0394 CVE - 2023-0394 EulerOS-SA-2023-1551
  5. Amazon Linux AMI 2: CVE-2022-3094: Security patch for bind (ALAS-2025-2729) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/26/2023 Created 01/11/2025 Added 01/10/2025 Modified 01/30/2025 Description Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions (ACLs) and is retained during the processing of a dynamic update from a client whose access credentials are accepted. Memory allocated to clients that are not permitted to send updates is released immediately upon rejection. The scope of this vulnerability is limited therefore to trusted clients who are permitted to make dynamic zone changes. If a dynamic update is REFUSED, memory will be released again very quickly. Therefore it is only likely to be possible to degrade or stop `named` by sending a flood of unaccepted dynamic updates comparable in magnitude to a query flood intended to achieve the same detrimental outcome. BIND 9.11 and earlier branches are also affected, but through exhaustion of internal resources rather than memory constraints. This may reduce performance but should not be a significant problem for most servers. Therefore we don't intend to address this for BIND versions prior to BIND 9.16. This issue affects BIND 9 versions 9.16.0 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.8-S1 through 9.16.36-S1. 
     Solution(s) amazon-linux-ami-2-upgrade-bind amazon-linux-ami-2-upgrade-bind-chroot amazon-linux-ami-2-upgrade-bind-debuginfo amazon-linux-ami-2-upgrade-bind-devel amazon-linux-ami-2-upgrade-bind-export-devel amazon-linux-ami-2-upgrade-bind-export-libs amazon-linux-ami-2-upgrade-bind-libs amazon-linux-ami-2-upgrade-bind-libs-lite amazon-linux-ami-2-upgrade-bind-license amazon-linux-ami-2-upgrade-bind-lite-devel amazon-linux-ami-2-upgrade-bind-pkcs11 amazon-linux-ami-2-upgrade-bind-pkcs11-devel amazon-linux-ami-2-upgrade-bind-pkcs11-libs amazon-linux-ami-2-upgrade-bind-pkcs11-utils amazon-linux-ami-2-upgrade-bind-sdb amazon-linux-ami-2-upgrade-bind-sdb-chroot amazon-linux-ami-2-upgrade-bind-utils References https://attackerkb.com/topics/cve-2022-3094 AL2/ALAS-2025-2729 CVE - 2022-3094
  6. IBM AIX: bind_advisory23 (CVE-2022-3924): Vulnerability in bind affects AIX Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/26/2023 Created 07/27/2023 Added 07/27/2023 Modified 01/28/2025 Description This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clients that are waiting for recursion to complete. If there are sufficient clients already waiting when a new client query is received so that it is necessary to SERVFAIL the longest waiting client (see BIND 9 ARM `recursive-clients` limit and soft quota), then it is possible for a race to occur between providing a stale answer to this older client and sending an early timeout SERVFAIL, which may cause an assertion failure. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1. Solution(s) ibm-aix-bind_advisory23 References https://attackerkb.com/topics/cve-2022-3924 CVE - 2022-3924 https://aix.software.ibm.com/aix/efixes/security/bind_advisory23.asc
  7. Amazon Linux 2023: CVE-2022-3094: Important priority package update for bind Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/25/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions (ACLs) and is retained during the processing of a dynamic update from a client whose access credentials are accepted. Memory allocated to clients that are not permitted to send updates is released immediately upon rejection. The scope of this vulnerability is limited therefore to trusted clients who are permitted to make dynamic zone changes. If a dynamic update is REFUSED, memory will be released again very quickly. Therefore it is only likely to be possible to degrade or stop `named` by sending a flood of unaccepted dynamic updates comparable in magnitude to a query flood intended to achieve the same detrimental outcome. BIND 9.11 and earlier branches are also affected, but through exhaustion of internal resources rather than memory constraints. This may reduce performance but should not be a significant problem for most servers. Therefore we don't intend to address this for BIND versions prior to BIND 9.16. This issue affects BIND 9 versions 9.16.0 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.8-S1 through 9.16.36-S1. A flaw was found in Bind, where sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This issue may cause named to slow down due to a lack of free memory, resulting in a denial of service (DoS). 
     Solution(s) amazon-linux-2023-upgrade-bind amazon-linux-2023-upgrade-bind-chroot amazon-linux-2023-upgrade-bind-debuginfo amazon-linux-2023-upgrade-bind-debugsource amazon-linux-2023-upgrade-bind-devel amazon-linux-2023-upgrade-bind-dlz-filesystem amazon-linux-2023-upgrade-bind-dlz-filesystem-debuginfo amazon-linux-2023-upgrade-bind-dlz-ldap amazon-linux-2023-upgrade-bind-dlz-ldap-debuginfo amazon-linux-2023-upgrade-bind-dlz-mysql amazon-linux-2023-upgrade-bind-dlz-mysql-debuginfo amazon-linux-2023-upgrade-bind-dlz-sqlite3 amazon-linux-2023-upgrade-bind-dlz-sqlite3-debuginfo amazon-linux-2023-upgrade-bind-dnssec-doc amazon-linux-2023-upgrade-bind-dnssec-utils amazon-linux-2023-upgrade-bind-dnssec-utils-debuginfo amazon-linux-2023-upgrade-bind-libs amazon-linux-2023-upgrade-bind-libs-debuginfo amazon-linux-2023-upgrade-bind-license amazon-linux-2023-upgrade-bind-pkcs11 amazon-linux-2023-upgrade-bind-pkcs11-debuginfo amazon-linux-2023-upgrade-bind-pkcs11-devel amazon-linux-2023-upgrade-bind-pkcs11-libs amazon-linux-2023-upgrade-bind-pkcs11-libs-debuginfo amazon-linux-2023-upgrade-bind-pkcs11-utils amazon-linux-2023-upgrade-bind-pkcs11-utils-debuginfo amazon-linux-2023-upgrade-bind-utils amazon-linux-2023-upgrade-bind-utils-debuginfo amazon-linux-2023-upgrade-python3-bind References https://attackerkb.com/topics/cve-2022-3094 CVE - 2022-3094 https://alas.aws.amazon.com/AL2023/ALAS-2023-161.html
  8. Google Chrome Vulnerability: CVE-2023-0474 Use after free in GuestView Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/25/2023 Created 01/25/2023 Added 01/25/2023 Modified 01/28/2025 Description Use after free in GuestView in Google Chrome prior to 109.0.5414.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a Chrome web app. (Chromium security severity: Medium) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-0474 CVE - 2023-0474 https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html https://crbug.com/1400841
  9. Oracle Linux: CVE-2022-3094: ELSA-2023-2261:bind security and bug fix update (MODERATE) (Multiple Advisories) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/25/2023 Created 05/19/2023 Added 05/18/2023 Modified 01/07/2025 Description Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions (ACLs) and is retained during the processing of a dynamic update from a client whose access credentials are accepted. Memory allocated to clients that are not permitted to send updates is released immediately upon rejection. The scope of this vulnerability is limited therefore to trusted clients who are permitted to make dynamic zone changes. If a dynamic update is REFUSED, memory will be released again very quickly. Therefore it is only likely to be possible to degrade or stop `named` by sending a flood of unaccepted dynamic updates comparable in magnitude to a query flood intended to achieve the same detrimental outcome. BIND 9.11 and earlier branches are also affected, but through exhaustion of internal resources rather than memory constraints. This may reduce performance but should not be a significant problem for most servers. Therefore we don't intend to address this for BIND versions prior to BIND 9.16. This issue affects BIND 9 versions 9.16.0 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.8-S1 through 9.16.36-S1. A flaw was found in Bind, where sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This issue may cause named to slow down due to a lack of free memory, resulting in a denial of service (DoS). 
     Solution(s) oracle-linux-upgrade-bind oracle-linux-upgrade-bind9-16 oracle-linux-upgrade-bind9-16-chroot oracle-linux-upgrade-bind9-16-devel oracle-linux-upgrade-bind9-16-dnssec-utils oracle-linux-upgrade-bind9-16-doc oracle-linux-upgrade-bind9-16-libs oracle-linux-upgrade-bind9-16-license oracle-linux-upgrade-bind9-16-utils oracle-linux-upgrade-bind-chroot oracle-linux-upgrade-bind-devel oracle-linux-upgrade-bind-dnssec-doc oracle-linux-upgrade-bind-dnssec-utils oracle-linux-upgrade-bind-doc oracle-linux-upgrade-bind-export-devel oracle-linux-upgrade-bind-export-libs oracle-linux-upgrade-bind-libs oracle-linux-upgrade-bind-libs-lite oracle-linux-upgrade-bind-license oracle-linux-upgrade-bind-lite-devel oracle-linux-upgrade-bind-pkcs11 oracle-linux-upgrade-bind-pkcs11-devel oracle-linux-upgrade-bind-pkcs11-libs oracle-linux-upgrade-bind-pkcs11-utils oracle-linux-upgrade-bind-sdb oracle-linux-upgrade-bind-sdb-chroot oracle-linux-upgrade-bind-utils oracle-linux-upgrade-python3-bind oracle-linux-upgrade-python3-bind9-16 References https://attackerkb.com/topics/cve-2022-3094 CVE - 2022-3094 ELSA-2023-2261 ELSA-2023-2792 ELSA-2023-7177
  10. Oracle Linux: CVE-2022-3736: ELSA-2023-2261:bind security and bug fix update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/25/2023 Created 05/19/2023 Added 05/18/2023 Modified 11/30/2024 Description BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1. A flaw was found in Bind, where a resolver crash is possible. When stale cache and stale answers are enabled, the option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query. Solution(s) oracle-linux-upgrade-bind9-16 oracle-linux-upgrade-bind9-16-chroot oracle-linux-upgrade-bind9-16-devel oracle-linux-upgrade-bind9-16-dnssec-utils oracle-linux-upgrade-bind9-16-doc oracle-linux-upgrade-bind9-16-libs oracle-linux-upgrade-bind9-16-license oracle-linux-upgrade-bind9-16-utils oracle-linux-upgrade-python3-bind9-16 References https://attackerkb.com/topics/cve-2022-3736 CVE - 2022-3736 ELSA-2023-2261 ELSA-2023-2792
  11. Google Chrome Vulnerability: CVE-2023-0471 Use after free in WebTransport Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/25/2023 Created 01/25/2023 Added 01/25/2023 Modified 01/28/2025 Description Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-0471 CVE - 2023-0471 https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html https://crbug.com/1376354
  12. Alpine Linux: CVE-2022-3924: Reachable Assertion Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/25/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clients that are waiting for recursion to complete. If there are sufficient clients already waiting when a new client query is received so that it is necessary to SERVFAIL the longest waiting client (see BIND 9 ARM `recursive-clients` limit and soft quota), then it is possible for a race to occur between providing a stale answer to this older client and sending an early timeout SERVFAIL, which may cause an assertion failure. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1. Solution(s) alpine-linux-upgrade-bind References https://attackerkb.com/topics/cve-2022-3924 CVE - 2022-3924 https://security.alpinelinux.org/vuln/CVE-2022-3924
  13. Oracle Linux: CVE-2022-3924: ELSA-2023-2261:bind security and bug fix update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/25/2023 Created 05/19/2023 Added 05/18/2023 Modified 11/30/2024 Description This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clients that are waiting for recursion to complete. If there are sufficient clients already waiting when a new client query is received so that it is necessary to SERVFAIL the longest waiting client (see BIND 9 ARM `recursive-clients` limit and soft quota), then it is possible for a race to occur between providing a stale answer to this older client and sending an early timeout SERVFAIL, which may cause an assertion failure. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1. A flaw was found in Bind. When resolver receives many queries requiring recursion, there will be a corresponding increase in the number of clients waiting for recursion to complete. This may, under certain conditions, lead to an assertion failure and a denial of service. Solution(s) oracle-linux-upgrade-bind9-16 oracle-linux-upgrade-bind9-16-chroot oracle-linux-upgrade-bind9-16-devel oracle-linux-upgrade-bind9-16-dnssec-utils oracle-linux-upgrade-bind9-16-doc oracle-linux-upgrade-bind9-16-libs oracle-linux-upgrade-bind9-16-license oracle-linux-upgrade-bind9-16-utils oracle-linux-upgrade-python3-bind9-16 References https://attackerkb.com/topics/cve-2022-3924 CVE - 2022-3924 ELSA-2023-2261 ELSA-2023-2792
  14. Amazon Linux 2023: CVE-2023-3161: Important priority package update for kernel Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/25/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service. A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing a font->width and font->height greater than 32 to the fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs, leading to undefined behavior and possible denial of service. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-12-17-42 amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-3161 CVE - 2023-3161 https://alas.aws.amazon.com/AL2023/ALAS-2023-132.html
  15. Alpine Linux: CVE-2022-3094: Use After Free Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/25/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions (ACLs) and is retained during the processing of a dynamic update from a client whose access credentials are accepted. Memory allocated to clients that are not permitted to send updates is released immediately upon rejection. The scope of this vulnerability is limited therefore to trusted clients who are permitted to make dynamic zone changes. If a dynamic update is REFUSED, memory will be released again very quickly. Therefore it is only likely to be possible to degrade or stop `named` by sending a flood of unaccepted dynamic updates comparable in magnitude to a query flood intended to achieve the same detrimental outcome. BIND 9.11 and earlier branches are also affected, but through exhaustion of internal resources rather than memory constraints. This may reduce performance but should not be a significant problem for most servers. Therefore we don't intend to address this for BIND versions prior to BIND 9.16. This issue affects BIND 9 versions 9.16.0 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.8-S1 through 9.16.36-S1. Solution(s) alpine-linux-upgrade-bind References https://attackerkb.com/topics/cve-2022-3094 CVE - 2022-3094 https://security.alpinelinux.org/vuln/CVE-2022-3094
  16. OS X update for Maps (CVE-2023-23503) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 01/25/2023 Created 01/25/2023 Added 01/25/2023 Modified 01/28/2025 Description A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to bypass Privacy preferences. Solution(s) apple-osx-upgrade-13_2 References https://attackerkb.com/topics/cve-2023-23503 CVE - 2023-23503 https://support.apple.com/kb/HT213605
  17. OS X update for Kernel (CVE-2023-23500) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 01/25/2023 Created 01/25/2023 Added 01/25/2023 Modified 01/28/2025 Description The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to leak sensitive kernel state. Solution(s) apple-osx-upgrade-13_2 References https://attackerkb.com/topics/cve-2023-23500 CVE - 2023-23500 https://support.apple.com/kb/HT213605
  18. Alpine Linux: CVE-2022-3736: Vulnerability in Multiple Components Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/25/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1. Solution(s) alpine-linux-upgrade-bind References https://attackerkb.com/topics/cve-2022-3736 CVE - 2022-3736 https://security.alpinelinux.org/vuln/CVE-2022-3736
  19. Debian: CVE-2023-0394: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/25/2023 Created 01/25/2023 Added 01/25/2023 Modified 01/28/2025 Description A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-0394 CVE - 2023-0394 DSA-5324-1
  20. OS X update for libxpc (CVE-2023-23506) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 01/25/2023 Created 01/25/2023 Added 01/25/2023 Modified 01/28/2025 Description A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access user-sensitive data. Solution(s) apple-osx-upgrade-13_2 References https://attackerkb.com/topics/cve-2023-23506 CVE - 2023-23506 https://support.apple.com/kb/HT213605
  21. Amazon Linux 2023: CVE-2022-3488: Important priority package update for bind Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/25/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure. 'Broken' in this context is anything that would cause the resolver to reject the query response, such as a mismatch between query and answer name. This issue affects BIND 9 versions 9.11.4-S1 through 9.11.37-S1 and 9.16.8-S1 through 9.16.36-S1. Solution(s) amazon-linux-2023-upgrade-bind amazon-linux-2023-upgrade-bind-chroot amazon-linux-2023-upgrade-bind-debuginfo amazon-linux-2023-upgrade-bind-debugsource amazon-linux-2023-upgrade-bind-devel amazon-linux-2023-upgrade-bind-dlz-filesystem amazon-linux-2023-upgrade-bind-dlz-filesystem-debuginfo amazon-linux-2023-upgrade-bind-dlz-ldap amazon-linux-2023-upgrade-bind-dlz-ldap-debuginfo amazon-linux-2023-upgrade-bind-dlz-mysql amazon-linux-2023-upgrade-bind-dlz-mysql-debuginfo amazon-linux-2023-upgrade-bind-dlz-sqlite3 amazon-linux-2023-upgrade-bind-dlz-sqlite3-debuginfo amazon-linux-2023-upgrade-bind-dnssec-doc amazon-linux-2023-upgrade-bind-dnssec-utils amazon-linux-2023-upgrade-bind-dnssec-utils-debuginfo amazon-linux-2023-upgrade-bind-libs amazon-linux-2023-upgrade-bind-libs-debuginfo amazon-linux-2023-upgrade-bind-license amazon-linux-2023-upgrade-bind-pkcs11 amazon-linux-2023-upgrade-bind-pkcs11-debuginfo amazon-linux-2023-upgrade-bind-pkcs11-devel amazon-linux-2023-upgrade-bind-pkcs11-libs amazon-linux-2023-upgrade-bind-pkcs11-libs-debuginfo amazon-linux-2023-upgrade-bind-pkcs11-utils amazon-linux-2023-upgrade-bind-pkcs11-utils-debuginfo amazon-linux-2023-upgrade-bind-utils amazon-linux-2023-upgrade-bind-utils-debuginfo amazon-linux-2023-upgrade-python3-bind References 
      https://attackerkb.com/topics/cve-2022-3488 CVE - 2022-3488 https://alas.aws.amazon.com/AL2023/ALAS-2023-161.html
  22. Debian: CVE-2023-0266: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/25/2023 Created 01/25/2023 Added 01/25/2023 Modified 01/28/2025 Description A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a privilege escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-0266 CVE - 2023-0266 DSA-5324-1
  23. Google Chrome Vulnerability: CVE-2023-0473 Type Confusion in ServiceWorker API Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/25/2023 Created 01/25/2023 Added 01/25/2023 Modified 01/28/2025 Description Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-0473 CVE - 2023-0473 https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html https://crbug.com/1404639
  24. Google Chrome Vulnerability: CVE-2023-0472 Use after free in WebRTC Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/25/2023 Created 01/25/2023 Added 01/25/2023 Modified 01/28/2025 Description Use after free in WebRTC in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-0472 CVE - 2023-0472 https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html https://crbug.com/1405256
  25. FreeBSD: VID-E2A8E2BD-B808-11ED-B695-6C3BE5272ACD (CVE-2023-0507): Grafana -- Stored XSS in geomap panel plugin via attribution Severity 5 CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:N) Published 01/25/2023 Created 03/07/2023 Added 03/04/2023 Modified 01/28/2025 Description Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because map attributions weren't properly sanitized, which allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. An attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix. Solution(s) freebsd-upgrade-package-grafana freebsd-upgrade-package-grafana8 freebsd-upgrade-package-grafana9 References CVE-2023-0507