ISHACK AI BOT

Huawei EulerOS: CVE-2022-36760: httpd security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/17/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/30/2025 Description Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to.This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions. Solution(s) huawei-euleros-2_0_sp9-upgrade-httpd huawei-euleros-2_0_sp9-upgrade-httpd-filesystem huawei-euleros-2_0_sp9-upgrade-httpd-tools huawei-euleros-2_0_sp9-upgrade-mod_ssl References https://attackerkb.com/topics/cve-2022-36760 CVE - 2022-36760 EulerOS-SA-2023-1872

CentOS Linux: CVE-2022-37436: Moderate: httpd:2.4 security and bug fix update (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 01/17/2023 Created 02/22/2023 Added 02/22/2023 Modified 01/28/2025 Description Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client. Solution(s) centos-upgrade-httpd centos-upgrade-httpd-core centos-upgrade-httpd-core-debuginfo centos-upgrade-httpd-debuginfo centos-upgrade-httpd-debugsource centos-upgrade-httpd-devel centos-upgrade-httpd-filesystem centos-upgrade-httpd-manual centos-upgrade-httpd-tools centos-upgrade-httpd-tools-debuginfo centos-upgrade-mod_http2 centos-upgrade-mod_http2-debuginfo centos-upgrade-mod_http2-debugsource centos-upgrade-mod_ldap centos-upgrade-mod_ldap-debuginfo centos-upgrade-mod_lua centos-upgrade-mod_lua-debuginfo centos-upgrade-mod_md centos-upgrade-mod_md-debuginfo centos-upgrade-mod_md-debugsource centos-upgrade-mod_proxy_html centos-upgrade-mod_proxy_html-debuginfo centos-upgrade-mod_session centos-upgrade-mod_session-debuginfo centos-upgrade-mod_ssl centos-upgrade-mod_ssl-debuginfo References CVE-2022-37436

Oracle WebLogic: CVE-2022-40150 : Critical Patch Update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/17/2023 Created 01/19/2023 Added 01/17/2023 Modified 01/28/2025 Description Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by Out of memory. This effect may support a denial of service attack. Solution(s) oracle-weblogic-jan-2023-cpu-12_2_1_3_0 oracle-weblogic-jan-2023-cpu-12_2_1_4_0 oracle-weblogic-jan-2023-cpu-14_1_1_0_0 References https://attackerkb.com/topics/cve-2022-40150 CVE - 2022-40150 http://www.oracle.com/security-alerts/cpujan2023.html https://support.oracle.com/rs?type=doc&id=2917213.2

Oracle WebLogic: CVE-2023-21842 : Critical Patch Update Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 01/17/2023 Created 01/19/2023 Added 01/17/2023 Modified 01/28/2025 Description Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container).Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.Successful attacks of this vulnerability can result inunauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). Solution(s) oracle-weblogic-jan-2023-cpu-12_2_1_3_0 oracle-weblogic-jan-2023-cpu-12_2_1_4_0 oracle-weblogic-jan-2023-cpu-14_1_1_0_0 References https://attackerkb.com/topics/cve-2023-21842 CVE - 2023-21842 http://www.oracle.com/security-alerts/cpujan2023.html https://support.oracle.com/rs?type=doc&id=2917213.2

Ubuntu: (Multiple Advisories) (CVE-2022-47929): Linux kernel (OEM) vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/17/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/30/2025 Description In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1062-dell300x ubuntu-upgrade-linux-image-4-15-0-1116-oracle ubuntu-upgrade-linux-image-4-15-0-1129-raspi2 ubuntu-upgrade-linux-image-4-15-0-1137-kvm ubuntu-upgrade-linux-image-4-15-0-1147-gcp ubuntu-upgrade-linux-image-4-15-0-1148-snapdragon ubuntu-upgrade-linux-image-4-15-0-1153-aws ubuntu-upgrade-linux-image-4-15-0-1162-azure ubuntu-upgrade-linux-image-4-15-0-208-generic ubuntu-upgrade-linux-image-4-15-0-208-generic-lpae ubuntu-upgrade-linux-image-4-15-0-208-lowlatency ubuntu-upgrade-linux-image-4-4-0-1117-aws ubuntu-upgrade-linux-image-4-4-0-1118-kvm ubuntu-upgrade-linux-image-4-4-0-1155-aws ubuntu-upgrade-linux-image-4-4-0-239-generic ubuntu-upgrade-linux-image-4-4-0-239-lowlatency ubuntu-upgrade-linux-image-5-15-0-1018-gkeop ubuntu-upgrade-linux-image-5-15-0-1027-raspi ubuntu-upgrade-linux-image-5-15-0-1027-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1028-ibm ubuntu-upgrade-linux-image-5-15-0-1028-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1030-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1031-gke ubuntu-upgrade-linux-image-5-15-0-1031-kvm ubuntu-upgrade-linux-image-5-15-0-1032-gcp ubuntu-upgrade-linux-image-5-15-0-1033-oracle ubuntu-upgrade-linux-image-5-15-0-1034-aws ubuntu-upgrade-linux-image-5-15-0-1036-azure ubuntu-upgrade-linux-image-5-15-0-1036-azure-fde ubuntu-upgrade-linux-image-5-15-0-70-generic ubuntu-upgrade-linux-image-5-15-0-70-generic-64k ubuntu-upgrade-linux-image-5-15-0-70-generic-lpae ubuntu-upgrade-linux-image-5-15-0-70-lowlatency ubuntu-upgrade-linux-image-5-15-0-70-lowlatency-64k ubuntu-upgrade-linux-image-5-17-0-1035-oem ubuntu-upgrade-linux-image-5-19-0-1016-raspi ubuntu-upgrade-linux-image-5-19-0-1016-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1020-gcp ubuntu-upgrade-linux-image-5-19-0-1020-oracle ubuntu-upgrade-linux-image-5-19-0-1021-kvm ubuntu-upgrade-linux-image-5-19-0-1022-lowlatency ubuntu-upgrade-linux-image-5-19-0-1022-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1023-aws ubuntu-upgrade-linux-image-5-19-0-1023-azure ubuntu-upgrade-linux-image-5-19-0-40-generic ubuntu-upgrade-linux-image-5-19-0-40-generic-64k ubuntu-upgrade-linux-image-5-19-0-40-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1045-ibm ubuntu-upgrade-linux-image-5-4-0-1059-bluefield ubuntu-upgrade-linux-image-5-4-0-1065-gkeop ubuntu-upgrade-linux-image-5-4-0-1081-raspi ubuntu-upgrade-linux-image-5-4-0-1087-kvm ubuntu-upgrade-linux-image-5-4-0-1094-oracle ubuntu-upgrade-linux-image-5-4-0-1095-gke ubuntu-upgrade-linux-image-5-4-0-1097-aws ubuntu-upgrade-linux-image-5-4-0-1101-gcp ubuntu-upgrade-linux-image-5-4-0-1104-azure ubuntu-upgrade-linux-image-5-4-0-144-generic ubuntu-upgrade-linux-image-5-4-0-144-generic-lpae ubuntu-upgrade-linux-image-5-4-0-144-lowlatency ubuntu-upgrade-linux-image-6-0-0-1020-oem ubuntu-upgrade-linux-image-6-1-0-1007-oem ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-dell300x ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial References https://attackerkb.com/topics/cve-2022-47929 CVE - 2022-47929 DSA-5324 USN-5915-1 USN-5917-1 USN-5924-1 USN-5927-1 USN-5934-1 USN-5939-1 USN-5940-1 USN-5951-1 USN-5975-1 USN-5981-1 USN-5984-1 USN-5991-1 USN-6000-1 USN-6001-1 USN-6009-1 USN-6013-1 USN-6014-1 USN-6024-1 USN-6025-1 USN-6030-1 USN-6040-1 USN-6057-1 USN-6134-1 USN-6247-1 USN-6248-1 View more

Alpine Linux: CVE-2022-41859: Insufficiently Protected Credentials Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 01/17/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/02/2024 Description In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack. Solution(s) alpine-linux-upgrade-freeradius References https://attackerkb.com/topics/cve-2022-41859 CVE - 2022-41859 https://security.alpinelinux.org/vuln/CVE-2022-41859

F5 Networks: CVE-2022-36760: K000132643: Apache HTTP server vulnerability CVE-2022-36760 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/17/2023 Created 12/08/2023 Added 12/07/2023 Modified 01/30/2025 Description Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to.This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2022-36760 CVE - 2022-36760 https://my.f5.com/manage/s/article/K000132643

FreeBSD: VID-00919005-96A3-11ED-86E9-D4C9EF517024 (CVE-2006-20001): Apache httpd -- Multiple vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/17/2023 Created 01/20/2023 Added 01/19/2023 Modified 01/28/2025 Description A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. Solution(s) freebsd-upgrade-package-apache24 References CVE-2006-20001

Alpine Linux: CVE-2023-21830: Vulnerability in Multiple Components Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 01/17/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization).Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and21.3.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.Successful attacks of this vulnerability can result inunauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Integrity impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). Solution(s) alpine-linux-upgrade-openjdk8 References https://attackerkb.com/topics/cve-2023-21830 CVE - 2023-21830 https://security.alpinelinux.org/vuln/CVE-2023-21830

Debian: CVE-2023-22496: netdata -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 01/14/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function `health_alarm_execute` is called. This function performs different checks and then enqueues a command by calling `spawn_enq_cmd`. This command is populated with several arguments that are not sanitized. One of them is the `registry_hostname` of the node for which the alert is raised. By providing a specially crafted `registry_hostname` as part of the health data that is streamed to a Netdata (parent) agent, an attacker can execute arbitrary commands at the remote host as a side-effect of the raised alert. Note that the commands are executed as the user running the Netdata Agent. This user is usually named `netdata`. The ability to run arbitrary commands may allow an attacker to escalate privileges by escalating other vulnerabilities in the system, as that user. The problem has been fixed in: Netdata agent v1.37 (stable) and Netdata agent v1.36.0-409 (nightly). As a workaround, streaming is not enabled by default. If you have previously enabled this, it can be disabled. Limiting access to the port on the recipient Agent to trusted child connections may mitigate the impact of this vulnerability. Solution(s) debian-upgrade-netdata References https://attackerkb.com/topics/cve-2023-22496 CVE - 2023-22496

Debian: CVE-2023-22497: netdata -- security update Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:N) Published 01/14/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has access to a Netdata Agent has access to its MACHINE_GUID. Streaming is a feature that allows a Netdata Agent to act as parent for other Netdata Agents (children), offloading children from various functions (increased data retention, ML, health monitoring, etc) that can now be handled by the parent Agent. Configuration is done via `stream.conf`. On the parent side, users configure in `stream.conf` an API key (any random UUID can do) to provide common configuration for all children using this API key and per MACHINE GUID configuration to customize the configuration for each child. The way this was implemented, allowed an attacker to use a valid MACHINE_GUID as an API key. This affects all users who expose their Netdata Agents (children) to non-trusted users and they also expose to the same users Netdata Agent parents that aggregate data from all these children. The problem has been fixed in: Netdata agent v1.37 (stable) and Netdata agent v1.36.0-409 (nightly). As a workaround, do not enable streaming by default. If you have previously enabled this, it can be disabled. Limiting access to the port on the recipient Agent to trusted child connections may mitigate the impact of this vulnerability. Solution(s) debian-upgrade-netdata References https://attackerkb.com/topics/cve-2023-22497 CVE - 2023-22497

Amazon Linux 2023: CVE-2023-3567: Important priority package update for kernel (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 01/14/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-12-17-42 amazon-linux-2023-upgrade-kernel-livepatch-6-1-34-56-100 amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-3567 CVE - 2023-3567 https://alas.aws.amazon.com/AL2023/ALAS-2023-132.html https://alas.aws.amazon.com/AL2023/ALAS-2023-228.html

Ubuntu: USN-7250-1 (CVE-2023-22497): Netdata vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/14/2023 Created 02/05/2025 Added 02/04/2025 Modified 02/04/2025 Description Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has access to a Netdata Agent has access to its MACHINE_GUID. Streaming is a feature that allows a Netdata Agent to act as parent for other Netdata Agents (children), offloading children from various functions (increased data retention, ML, health monitoring, etc) that can now be handled by the parent Agent. Configuration is done via `stream.conf`. On the parent side, users configure in `stream.conf` an API key (any random UUID can do) to provide common configuration for all children using this API key and per MACHINE GUID configuration to customize the configuration for each child. The way this was implemented, allowed an attacker to use a valid MACHINE_GUID as an API key. This affects all users who expose their Netdata Agents (children) to non-trusted users and they also expose to the same users Netdata Agent parents that aggregate data from all these children. The problem has been fixed in: Netdata agent v1.37 (stable) and Netdata agent v1.36.0-409 (nightly). As a workaround, do not enable streaming by default. If you have previously enabled this, it can be disabled. Limiting access to the port on the recipient Agent to trusted child connections may mitigate the impact of this vulnerability. Solution(s) ubuntu-pro-upgrade-netdata-core ubuntu-pro-upgrade-netdata-plugins-bash ubuntu-pro-upgrade-netdata-web References https://attackerkb.com/topics/cve-2023-22497 CVE - 2023-22497 USN-7250-1

Juniper Junos OS: 2023-01 Security Bulletin: Junos OS: vSRX Series: A memory leak might be observed in IPsec VPN scenario leading to an FPC crash (JSA70213) (CVE-2023-22417) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 01/13/2023 Created 03/23/2023 Added 03/22/2023 Modified 12/06/2023 Description A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is configured. Eventually the flowd process will crash and restart. This issue affects Juniper Networks Junos OS on SRX Series: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-S8, 19.4R3-S10; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2023-22417 CVE - 2023-22417 JSA70213

OS X update for Crash Reporter (CVE-2023-0288) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/13/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Juniper Junos OS: 2023-01 Security Bulletin: Junos OS: SRX Series: The flowd daemon will crash when Unified Policies are used with IPv6 and certain dynamic applications are rejected by the device (JSA70207) (CVE-2023-22411) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 01/13/2023 Created 03/23/2023 Added 03/22/2023 Modified 12/06/2023 Description An Out-of-Bounds Write vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On SRX Series devices using Unified Policies with IPv6, when a specific IPv6 packet goes through a dynamic-application filter which will generate an ICMP deny message, the flowd core is observed and the PFE is restarted. This issue affects: Juniper Networks Junos OS on SRX Series: 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R3-S9; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2023-22411 CVE - 2023-22411 JSA70207

Juniper Junos OS: 2023-01 Security Bulletin: Junos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash when a specific H.323 packet is received (JSA70211) (CVE-2023-22415) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 01/13/2023 Created 03/23/2023 Added 03/22/2023 Modified 12/06/2023 Description An Out-of-Bounds Write vulnerability in the H.323 ALG of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all MX Series and SRX Series platform, when H.323 ALG is enabled and specific H.323 packets are received simultaneously, a flow processing daemon (flowd) crash will occur. Continued receipt of these specific packets will cause a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on MX Series and SRX Series All versions prior to 19.4R3-S10; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R2-S1, 22.1R3; 22.2 versions prior to 22.2R1-S2, 22.2R2. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2023-22415 CVE - 2023-22415 JSA70211

pyLoad js2py Python Execution Disclosed 01/13/2023 Created 02/22/2023 Description pyLoad versions prior to 0.5.0b3.dev31 are vulnerable to Python code injection due to the pyimport functionality exposed through the js2py library. An unauthenticated attacker can issue a crafted POST request to the flash/addcrypted2 endpoint to leverage this for code execution. pyLoad by default runs two services, the primary of which is on port 8000 and can not be used by external hosts. A secondary "Click 'N' Load" service runs on port 9666 and can be used remotely without authentication. Author(s) Spencer McIntyre bAu Platform Linux,Python,Unix Architectures cmd, x86, x64, python Development Source Code History

Oracle Linux: CVE-2023-0179: ELSA-2023-12116:Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/13/2023 Created 02/17/2023 Added 02/14/2023 Modified 01/23/2025 Description A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. Solution(s) oracle-linux-upgrade-kernel oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2023-0179 CVE - 2023-0179 ELSA-2023-12116 ELSA-2023-0951 ELSA-2023-12120

OS X update for AppleMobileFileIntegrity (CVE-2023-0288) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/13/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

SUSE: CVE-2023-23559: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/13/2023 Created 03/22/2023 Added 03/20/2023 Modified 01/28/2025 Description In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-al suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-dtb-zte suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-debug suse-upgrade-kernel-debug-base suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-ec2 suse-upgrade-kernel-ec2-base suse-upgrade-kernel-ec2-devel suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-base suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-trace suse-upgrade-kernel-trace-base suse-upgrade-kernel-trace-devel suse-upgrade-kernel-vanilla suse-upgrade-kernel-vanilla-base suse-upgrade-kernel-vanilla-devel suse-upgrade-kernel-vanilla-livepatch-devel suse-upgrade-kernel-xen suse-upgrade-kernel-xen-base suse-upgrade-kernel-xen-devel suse-upgrade-kernel-zfcpdump suse-upgrade-kernel-zfcpdump-man suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-suse-module-tools suse-upgrade-suse-module-tools-legacy References https://attackerkb.com/topics/cve-2023-23559 CVE - 2023-23559

Amazon Linux AMI 2: CVE-2023-0288: Security patch for vim (ALAS-2023-1975) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/13/2023 Created 03/08/2023 Added 03/07/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189. Solution(s) amazon-linux-ami-2-upgrade-vim-common amazon-linux-ami-2-upgrade-vim-data amazon-linux-ami-2-upgrade-vim-debuginfo amazon-linux-ami-2-upgrade-vim-enhanced amazon-linux-ami-2-upgrade-vim-filesystem amazon-linux-ami-2-upgrade-vim-minimal amazon-linux-ami-2-upgrade-vim-x11 References https://attackerkb.com/topics/cve-2023-0288 AL2/ALAS-2023-1975 CVE - 2023-0288

OS X update for Identity Services (CVE-2023-0288) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/13/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for libpthread (CVE-2023-0288) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/13/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Kernel (CVE-2023-0288) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/13/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)