ISHACK AI BOT

Amazon Linux 2023: CVE-2023-24056: Medium priority package update for pkgconf Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 01/21/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes. A flaw was found in pkgconf, where a variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. This issue may lead to a buffer overflow, which can crash the software. Solution(s) amazon-linux-2023-upgrade-libpkgconf amazon-linux-2023-upgrade-libpkgconf-debuginfo amazon-linux-2023-upgrade-libpkgconf-devel amazon-linux-2023-upgrade-pkgconf amazon-linux-2023-upgrade-pkgconf-debuginfo amazon-linux-2023-upgrade-pkgconf-debugsource amazon-linux-2023-upgrade-pkgconf-m4 amazon-linux-2023-upgrade-pkgconf-pkg-config References https://attackerkb.com/topics/cve-2023-24056 CVE - 2023-24056 https://alas.aws.amazon.com/AL2023/ALAS-2023-159.html

Amazon Linux 2023: CVE-2023-0433: Important priority package update for vim Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. Solution(s) amazon-linux-2023-upgrade-vim-common amazon-linux-2023-upgrade-vim-common-debuginfo amazon-linux-2023-upgrade-vim-data amazon-linux-2023-upgrade-vim-debuginfo amazon-linux-2023-upgrade-vim-debugsource amazon-linux-2023-upgrade-vim-default-editor amazon-linux-2023-upgrade-vim-enhanced amazon-linux-2023-upgrade-vim-enhanced-debuginfo amazon-linux-2023-upgrade-vim-filesystem amazon-linux-2023-upgrade-vim-minimal amazon-linux-2023-upgrade-vim-minimal-debuginfo References https://attackerkb.com/topics/cve-2023-0433 CVE - 2023-0433 https://alas.aws.amazon.com/AL2023/ALAS-2023-117.html

OS X update for dcerpc (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for IOAcceleratorFamily (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for libc (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for PackageKit (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for LaunchServices (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Archive Utility (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Foundation (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for SharedFileList (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for CommCenter (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Podcasts (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for TextKit (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Safari (CVE-2023-0433) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/21/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

CentOS Linux: CVE-2022-47024: Moderate: vim security update (CESA-2023:0958) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/20/2023 Created 03/02/2023 Added 03/01/2023 Modified 01/28/2025 Description A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts. Solution(s) centos-upgrade-vim-common centos-upgrade-vim-common-debuginfo centos-upgrade-vim-debuginfo centos-upgrade-vim-debugsource centos-upgrade-vim-enhanced centos-upgrade-vim-enhanced-debuginfo centos-upgrade-vim-filesystem centos-upgrade-vim-minimal centos-upgrade-vim-minimal-debuginfo centos-upgrade-vim-x11 centos-upgrade-vim-x11-debuginfo References CVE-2022-47024

CentOS Linux: CVE-2022-47015: Moderate: mariadb:10.3 security, bug fix, and enhancement update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/20/2023 Created 09/20/2023 Added 09/20/2023 Modified 01/28/2025 Description MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer. Solution(s) centos-upgrade-galera centos-upgrade-galera-debuginfo centos-upgrade-galera-debugsource centos-upgrade-judy centos-upgrade-judy-debuginfo centos-upgrade-judy-debugsource centos-upgrade-mariadb centos-upgrade-mariadb-backup centos-upgrade-mariadb-backup-debuginfo centos-upgrade-mariadb-common centos-upgrade-mariadb-debuginfo centos-upgrade-mariadb-debugsource centos-upgrade-mariadb-devel centos-upgrade-mariadb-embedded centos-upgrade-mariadb-embedded-debuginfo centos-upgrade-mariadb-embedded-devel centos-upgrade-mariadb-errmsg centos-upgrade-mariadb-gssapi-server centos-upgrade-mariadb-gssapi-server-debuginfo centos-upgrade-mariadb-oqgraph-engine centos-upgrade-mariadb-oqgraph-engine-debuginfo centos-upgrade-mariadb-pam centos-upgrade-mariadb-pam-debuginfo centos-upgrade-mariadb-server centos-upgrade-mariadb-server-debuginfo centos-upgrade-mariadb-server-galera centos-upgrade-mariadb-server-utils centos-upgrade-mariadb-server-utils-debuginfo centos-upgrade-mariadb-test centos-upgrade-mariadb-test-debuginfo References CVE-2022-47015

Debian: CVE-2022-35977: redis -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/20/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SETRANGE` and `SORT(_RO)` commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. The problem is fixed in Redis versions 7.0.8, 6.2.9 and 6.0.17. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) debian-upgrade-redis References https://attackerkb.com/topics/cve-2022-35977 CVE - 2022-35977 DLA-3973-1

Alpine Linux: CVE-2022-47021: NULL Pointer Dereference Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/20/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/02/2024 Description A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts. Solution(s) alpine-linux-upgrade-opusfile References https://attackerkb.com/topics/cve-2022-47021 CVE - 2022-47021 https://security.alpinelinux.org/vuln/CVE-2022-47021

Rocky Linux: CVE-2022-35977: redis-6 (RLSA-2025-0595) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/20/2023 Created 02/15/2025 Added 02/14/2025 Modified 02/14/2025 Description Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SETRANGE` and `SORT(_RO)` commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. The problem is fixed in Redis versions 7.0.8, 6.2.9 and 6.0.17. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) rocky-upgrade-redis rocky-upgrade-redis-debuginfo rocky-upgrade-redis-debugsource rocky-upgrade-redis-devel References https://attackerkb.com/topics/cve-2022-35977 CVE - 2022-35977 https://errata.rockylinux.org/RLSA-2025:0595

Gentoo Linux: CVE-2022-35977: Redis: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/20/2023 Created 08/08/2024 Added 08/08/2024 Modified 01/28/2025 Description Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SETRANGE` and `SORT(_RO)` commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. The problem is fixed in Redis versions 7.0.8, 6.2.9 and 6.0.17. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) gentoo-linux-upgrade-dev-db-redis References https://attackerkb.com/topics/cve-2022-35977 CVE - 2022-35977 202408-05

Rocky Linux: CVE-2023-22458: redis-6 (RLSA-2025-0595) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/20/2023 Created 02/15/2025 Added 02/14/2025 Modified 02/14/2025 Description Redis is an in-memory database that persists on disk. Authenticated users can issue a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not including 6.2.9 as well as versions 7.0 up to but not including 7.0.8. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) rocky-upgrade-redis rocky-upgrade-redis-debuginfo rocky-upgrade-redis-debugsource rocky-upgrade-redis-devel References https://attackerkb.com/topics/cve-2023-22458 CVE - 2023-22458 https://errata.rockylinux.org/RLSA-2025:0595

Huawei EulerOS: CVE-2022-48279: mod_security security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 01/20/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity (C language) codebase. Solution(s) huawei-euleros-2_0_sp5-upgrade-mod_security References https://attackerkb.com/topics/cve-2022-48279 CVE - 2022-48279 EulerOS-SA-2023-2160

Amazon Linux AMI 2: CVE-2023-24021: Security patch for mod_security (ALAS-2023-2098) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 01/20/2023 Created 07/04/2023 Added 07/04/2023 Modified 01/30/2025 Description Incorrect handling of '\0' bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules that read the FILES_TMP_CONTENT collection. Solution(s) amazon-linux-ami-2-upgrade-mod_security amazon-linux-ami-2-upgrade-mod_security-debuginfo amazon-linux-ami-2-upgrade-mod_security-mlogc References https://attackerkb.com/topics/cve-2023-24021 AL2/ALAS-2023-2098 CVE - 2023-24021

Oracle Linux: CVE-2023-22745: ELSA-2023-7166:tpm2-tss security and enhancement update (LOW) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:M/C:C/I:C/A:C) Published 01/20/2023 Created 11/24/2023 Added 11/22/2023 Modified 01/07/2025 Description tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In affected versions `Tss2_RC_SetHandler` and `Tss2_RC_Decode` both index into `layer_handler` with an 8 bit layer number, but the array only has `TPM2_ERROR_TSS2_RC_LAYER_COUNT` entries, so trying to add a handler for higher-numbered layers or decode a response code with such a layer number reads/writes past the end of the buffer. This Buffer overrun, could result in arbitrary code execution. An example attack would be a MiTM bus attack that returns 0xFFFFFFFF for the RC. Given the common use case of TPM modules an attacker must have local access to the target machine with local system privileges which allows access to the TPM system. Usually TPM access requires administrative privilege. A flaw was found in tpm2-tss, which is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In affected versions, `Tss2_RC_SetHandler` and `Tss2_RC_Decode` index into the `layer_handler` with an 8-bit layer number, but the array only has `TPM2_ERROR_TSS2_RC_LAYER_COUNT` entries. Trying to add a handler for higher-numbered layers or to decode a response code with a layer number, reads/writes past the end of the buffer. This buffer overrun could result in arbitrary code execution. An example attack is a man-in-the-middle (MiTM) bus attack that returns 0xFFFFFFFFFF for the RC. Given the common use case of TPM modules, an attacker must have local access to the target machine with local system privileges, which allows access to the TPM system. Usually, TPM access requires administrative privileges. Solution(s) oracle-linux-upgrade-tpm2-tss oracle-linux-upgrade-tpm2-tss-devel References https://attackerkb.com/topics/cve-2023-22745 CVE - 2023-22745 ELSA-2023-7166 ELSA-2023-6685

Huawei EulerOS: CVE-2021-33642: byacc security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 01/20/2023 Created 03/22/2023 Added 03/20/2023 Modified 01/28/2025 Description When a file is processed, an infinite loop occurs in next_inline() of the more_curly() function. Solution(s) huawei-euleros-2_0_sp10-upgrade-byacc huawei-euleros-2_0_sp10-upgrade-byacc-help References https://attackerkb.com/topics/cve-2021-33642 CVE - 2021-33642 EulerOS-SA-2023-1545