ISHACK AI BOT

OS X update for libc (CVE-2023-0288) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/13/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

SUSE: CVE-2022-48257: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 01/13/2023 Created 02/14/2023 Added 02/13/2023 Modified 01/28/2025 Description In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp. Solution(s) suse-upgrade-eternalterminal References https://attackerkb.com/topics/cve-2022-48257 CVE - 2022-48257

OS X update for DesktopServices (CVE-2023-0288) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/13/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Ubuntu: (Multiple Advisories) (CVE-2023-0288): Vim vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/13/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189. Solution(s) ubuntu-pro-upgrade-vim ubuntu-pro-upgrade-vim-athena ubuntu-pro-upgrade-vim-athena-py2 ubuntu-pro-upgrade-vim-gtk ubuntu-pro-upgrade-vim-gtk-py2 ubuntu-pro-upgrade-vim-gtk3 ubuntu-pro-upgrade-vim-gtk3-py2 ubuntu-pro-upgrade-vim-nox ubuntu-pro-upgrade-vim-nox-py2 ubuntu-pro-upgrade-vim-tiny References https://attackerkb.com/topics/cve-2023-0288 CVE - 2023-0288 USN-5836-1 USN-5963-1

FreeBSD: VID-5FA68BD9-95D9-11ED-811A-080027F5FEC9 (CVE-2022-35977): redis -- multiple vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/16/2023 Created 01/20/2023 Added 01/18/2023 Modified 01/28/2025 Description Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below. From VID-5FA68BD9-95D9-11ED-811A-080027F5FEC9: The Redis core team reports: CVE-2022-35977 Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands can drive Redis to OOM panic. CVE-2023-22458 Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER commands can lead to denial-of-service. Solution(s) freebsd-upgrade-package-redis freebsd-upgrade-package-redis-devel freebsd-upgrade-package-redis6 freebsd-upgrade-package-redis62 References CVE-2022-35977

FreeBSD: VID-5FA68BD9-95D9-11ED-811A-080027F5FEC9 (CVE-2023-22458): redis -- multiple vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/16/2023 Created 01/20/2023 Added 01/18/2023 Modified 01/28/2025 Description Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below. From VID-5FA68BD9-95D9-11ED-811A-080027F5FEC9: The Redis core team reports: CVE-2022-35977 Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands can drive Redis to OOM panic. CVE-2023-22458 Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER commands can lead to denial-of-service. Solution(s) freebsd-upgrade-package-redis freebsd-upgrade-package-redis-devel freebsd-upgrade-package-redis6 freebsd-upgrade-package-redis62 References CVE-2023-22458

FreeBSD: VID-C3FB48CC-A2FF-11ED-8FBC-6CF0490A8C18 (CVE-2023-23608): Spotipy -- Path traversal vulnerability Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 01/16/2023 Created 02/07/2023 Added 02/03/2023 Modified 01/28/2025 Description Spotipy is a light weight Python library for the Spotify Web API. In versions prior to 2.22.1, if a malicious URI is passed to the library, the library can be tricked into performing an operation on a different API endpoint than intended. The code Spotipy uses to parse URIs and URLs allows an attacker to insert arbitrary characters into the path that is used for API requests. Because it is possible to include "..", an attacker can redirect for example a track lookup via spotifyApi.track() to an arbitrary API endpoint like playlists, but this is possible for other endpoints as well. The impact of this vulnerability depends heavily on what operations a client application performs when it handles a URI from a user and how it uses the responses it receives from the API. This issue is patched in version 2.22.1. Solution(s) freebsd-upgrade-package-py310-spotipy freebsd-upgrade-package-py311-spotipy freebsd-upgrade-package-py37-spotipy freebsd-upgrade-package-py38-spotipy freebsd-upgrade-package-py39-spotipy References CVE-2023-23608

Oracle Linux: CVE-2023-0330: ELSA-2023-12834:qemu security update (MODERATE) (Multiple Advisories) Severity 4 CVSS (AV:L/AC:H/Au:M/C:N/I:N/A:C) Published 01/16/2023 Created 09/25/2023 Added 09/23/2023 Modified 01/08/2025 Description A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free. Solution(s) oracle-linux-upgrade-hivex oracle-linux-upgrade-hivex-devel oracle-linux-upgrade-ivshmem-tools oracle-linux-upgrade-libguestfs oracle-linux-upgrade-libguestfs-appliance oracle-linux-upgrade-libguestfs-bash-completion oracle-linux-upgrade-libguestfs-benchmarking oracle-linux-upgrade-libguestfs-devel oracle-linux-upgrade-libguestfs-gfs2 oracle-linux-upgrade-libguestfs-gobject oracle-linux-upgrade-libguestfs-gobject-devel oracle-linux-upgrade-libguestfs-inspect-icons oracle-linux-upgrade-libguestfs-java oracle-linux-upgrade-libguestfs-java-devel oracle-linux-upgrade-libguestfs-javadoc oracle-linux-upgrade-libguestfs-man-pages-ja oracle-linux-upgrade-libguestfs-man-pages-uk oracle-linux-upgrade-libguestfs-rescue oracle-linux-upgrade-libguestfs-rsync oracle-linux-upgrade-libguestfs-tools oracle-linux-upgrade-libguestfs-tools-c oracle-linux-upgrade-libguestfs-winsupport oracle-linux-upgrade-libguestfs-xfs oracle-linux-upgrade-libiscsi oracle-linux-upgrade-libiscsi-devel oracle-linux-upgrade-libiscsi-utils oracle-linux-upgrade-libnbd oracle-linux-upgrade-libnbd-bash-completion oracle-linux-upgrade-libnbd-devel oracle-linux-upgrade-libtpms oracle-linux-upgrade-libtpms-devel oracle-linux-upgrade-libvirt oracle-linux-upgrade-libvirt-admin oracle-linux-upgrade-libvirt-bash-completion oracle-linux-upgrade-libvirt-client oracle-linux-upgrade-libvirt-client-qemu oracle-linux-upgrade-libvirt-daemon oracle-linux-upgrade-libvirt-daemon-config-network oracle-linux-upgrade-libvirt-daemon-config-nwfilter oracle-linux-upgrade-libvirt-daemon-driver-interface oracle-linux-upgrade-libvirt-daemon-driver-network oracle-linux-upgrade-libvirt-daemon-driver-nodedev oracle-linux-upgrade-libvirt-daemon-driver-nwfilter oracle-linux-upgrade-libvirt-daemon-driver-qemu oracle-linux-upgrade-libvirt-daemon-driver-secret oracle-linux-upgrade-libvirt-daemon-driver-storage oracle-linux-upgrade-libvirt-daemon-driver-storage-core oracle-linux-upgrade-libvirt-daemon-driver-storage-disk oracle-linux-upgrade-libvirt-daemon-driver-storage-gluster oracle-linux-upgrade-libvirt-daemon-driver-storage-iscsi oracle-linux-upgrade-libvirt-daemon-driver-storage-iscsi-direct oracle-linux-upgrade-libvirt-daemon-driver-storage-logical oracle-linux-upgrade-libvirt-daemon-driver-storage-mpath oracle-linux-upgrade-libvirt-daemon-driver-storage-rbd oracle-linux-upgrade-libvirt-daemon-driver-storage-scsi oracle-linux-upgrade-libvirt-daemon-kvm oracle-linux-upgrade-libvirt-dbus oracle-linux-upgrade-libvirt-devel oracle-linux-upgrade-libvirt-docs oracle-linux-upgrade-libvirt-libs oracle-linux-upgrade-libvirt-lock-sanlock oracle-linux-upgrade-libvirt-nss oracle-linux-upgrade-libvirt-wireshark oracle-linux-upgrade-lua-guestfs oracle-linux-upgrade-nbdfuse oracle-linux-upgrade-nbdkit oracle-linux-upgrade-nbdkit-bash-completion oracle-linux-upgrade-nbdkit-basic-filters oracle-linux-upgrade-nbdkit-basic-plugins oracle-linux-upgrade-nbdkit-curl-plugin oracle-linux-upgrade-nbdkit-devel oracle-linux-upgrade-nbdkit-example-plugins oracle-linux-upgrade-nbdkit-gzip-filter oracle-linux-upgrade-nbdkit-gzip-plugin oracle-linux-upgrade-nbdkit-linuxdisk-plugin oracle-linux-upgrade-nbdkit-nbd-plugin oracle-linux-upgrade-nbdkit-python-plugin oracle-linux-upgrade-nbdkit-server oracle-linux-upgrade-nbdkit-ssh-plugin oracle-linux-upgrade-nbdkit-tar-filter oracle-linux-upgrade-nbdkit-tar-plugin oracle-linux-upgrade-nbdkit-tmpdisk-plugin oracle-linux-upgrade-nbdkit-vddk-plugin oracle-linux-upgrade-nbdkit-xz-filter oracle-linux-upgrade-netcf oracle-linux-upgrade-netcf-devel oracle-linux-upgrade-netcf-libs oracle-linux-upgrade-perl-hivex oracle-linux-upgrade-perl-sys-guestfs oracle-linux-upgrade-perl-sys-virt oracle-linux-upgrade-python3-hivex oracle-linux-upgrade-python3-libguestfs oracle-linux-upgrade-python3-libnbd oracle-linux-upgrade-python3-libvirt oracle-linux-upgrade-qemu oracle-linux-upgrade-qemu-block-gluster oracle-linux-upgrade-qemu-block-iscsi oracle-linux-upgrade-qemu-block-rbd oracle-linux-upgrade-qemu-common oracle-linux-upgrade-qemu-guest-agent oracle-linux-upgrade-qemu-img oracle-linux-upgrade-qemu-kvm oracle-linux-upgrade-qemu-kvm-block-curl oracle-linux-upgrade-qemu-kvm-block-gluster oracle-linux-upgrade-qemu-kvm-block-iscsi oracle-linux-upgrade-qemu-kvm-block-rbd oracle-linux-upgrade-qemu-kvm-block-ssh oracle-linux-upgrade-qemu-kvm-common oracle-linux-upgrade-qemu-kvm-core oracle-linux-upgrade-qemu-system-aarch64 oracle-linux-upgrade-qemu-system-aarch64-core oracle-linux-upgrade-qemu-system-x86 oracle-linux-upgrade-qemu-system-x86-core oracle-linux-upgrade-qemu-virtiofsd oracle-linux-upgrade-ruby-hivex oracle-linux-upgrade-ruby-libguestfs oracle-linux-upgrade-seabios oracle-linux-upgrade-seabios-bin oracle-linux-upgrade-seavgabios-bin oracle-linux-upgrade-sgabios oracle-linux-upgrade-sgabios-bin oracle-linux-upgrade-supermin oracle-linux-upgrade-supermin-devel oracle-linux-upgrade-swtpm oracle-linux-upgrade-swtpm-devel oracle-linux-upgrade-swtpm-libs oracle-linux-upgrade-swtpm-tools oracle-linux-upgrade-swtpm-tools-pkcs11 oracle-linux-upgrade-virt-dib oracle-linux-upgrade-virt-v2v oracle-linux-upgrade-virt-v2v-bash-completion oracle-linux-upgrade-virt-v2v-man-pages-ja oracle-linux-upgrade-virt-v2v-man-pages-uk References https://attackerkb.com/topics/cve-2023-0330 CVE - 2023-0330 ELSA-2023-12834 ELSA-2024-12152 ELSA-2023-12855 ELSA-2023-12835

Alpine Linux: CVE-2023-0302: Injection Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/15/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2. Solution(s) alpine-linux-upgrade-radare2 References https://attackerkb.com/topics/cve-2023-0302 CVE - 2023-0302 https://security.alpinelinux.org/vuln/CVE-2023-0302

FreeBSD: VID-005DFB48-990D-11ED-B9D3-589CFC0F81B0: phpmyfaq -- multiple vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/15/2023 Created 01/24/2023 Added 01/22/2023 Modified 01/22/2023 Description phpmyfaq developers report: phpMyFAQ does not implement sufficient checks to avoid a stored XSS in "Add new question" phpMyFAQ does not implement sufficient checks to avoid a stored XSS in admin user page phpMyFAQ does not implement sufficient checks to avoid a stored XSS in FAQ comments phpMyFAQ does not implement sufficient checks to avoid a blind stored XSS in admin open question page phpMyFAQ does not implement sufficient checks to avoid a reflected XSS in the admin backend login phpMyFAQ does not implement sufficient checks to avoid stored XSS on user, category, FAQ, news and configuration admin backend phpMyFAQ does not implement sufficient checks to avoid weak passwords Solution(s) freebsd-upgrade-package-phpmyfaq

Oracle Linux: CVE-2023-1729: ELSA-2024-2137:LibRaw security update (LOW) (Multiple Advisories) Severity 2 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:P) Published 01/14/2023 Created 05/22/2024 Added 05/07/2024 Modified 01/07/2025 Description A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. Solution(s) oracle-linux-upgrade-libraw oracle-linux-upgrade-libraw-devel References https://attackerkb.com/topics/cve-2023-1729 CVE - 2023-1729 ELSA-2024-2137

Debian: CVE-2023-23589: tor -- security update Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 01/14/2023 Created 01/19/2023 Added 01/18/2023 Modified 01/28/2025 Description The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. Solution(s) debian-upgrade-tor References https://attackerkb.com/topics/cve-2023-23589 CVE - 2023-23589 DSA-5320 DSA-5320-1

Gentoo Linux: CVE-2023-23589: Tor: Multiple Vulnerabilities Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 01/14/2023 Created 05/05/2023 Added 05/04/2023 Modified 01/28/2025 Description The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. Solution(s) gentoo-linux-upgrade-net-vpn-tor References https://attackerkb.com/topics/cve-2023-23589 CVE - 2023-23589 202305-11

Juniper Junos OS: 2023-01 Security Bulletin: Junos OS: MX Series with MPC10/MPC11: When Suspicious Control Flow Detection (scfd) is enabled and an attacker is sending specific traffic, this causes a memory leak. (JSA70206) (CVE-2023-22410) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 01/13/2023 Created 03/23/2023 Added 03/22/2023 Modified 12/06/2023 Description A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Networks Junos OS on MX Series platforms with MPC10/MPC11 line cards, allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). Devices are only vulnerable when the Suspicious Control Flow Detection (scfd) feature is enabled. Upon enabling this specific feature, an attacker sending specific traffic is causing memory to be allocated dynamically and it is not freed. Memory is not freed even after deactivating this feature. Sustained processing of such traffic will eventually lead to an out of memory condition that prevents all services from continuing to function, and requires a manual restart to recover. The FPC memory usage can be monitored using the CLI command "show chassis fpc". On running the above command, the memory of AftDdosScfdFlow can be observed to detect the memory leak. This issue affects Juniper Networks Junos OS on MX Series: All versions prior to 20.2R3-S5; 20.3 version 20.3R1 and later versions. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2023-22410 CVE - 2023-22410 JSA70206

Juniper Junos OS: 2023-01 Security Bulletin: Junos OS: SRX Series, MX Series with SPC3: When an inconsistent NAT configuration exists and a specific CLI command is issued the SPC will reboot (JSA70205) (CVE-2023-22409) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 01/13/2023 Created 03/23/2023 Added 03/22/2023 Modified 12/06/2023 Description An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service (DoS). When an inconsistent "deterministic NAT" configuration is present on an SRX, or MX with SPC3 and then a specific CLI command is issued the SPC will crash and restart. Repeated execution of this command will lead to a sustained DoS. Such a configuration is characterized by the total number of port blocks being greater than the total number of hosts. An example for such configuration is: [ services nat source pool TEST-POOL address x.x.x.0/32 to x.x.x.15/32 ] [ services nat source pool TEST-POOL port deterministic block-size 1008 ] [ services nat source pool TEST-POOL port deterministic host address y.y.y.0/24] [ services nat source pool TEST-POOL port deterministic include-boundary-addresses] where according to the following calculation: 65536-1024=64512 (number of usable ports per IP address, implicit) 64512/1008=64 (number of port blocks per Nat IP) x.x.x.0/32 to x.x.x.15/32 = 16 (NAT IP addresses available in NAT pool) total port blocks in NAT Pool = 64 blocks per IP * 16 IPs = 1024 Port blocks host address y.y.y.0/24 = 256 hosts (with include-boundary-addresses) If the port block size is configured to be 4032, then the total port blocks are (64512/4032) * 16 = 256 which is equivalent to the total host addresses of 256, and the issue will not be seen. This issue affects Juniper Networks Junos OS on SRX Series, and MX Series with SPC3: All versions prior to 19.4R3-S10; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S1; 22.1 versions prior to 22.1R2-S2, 22.1R3; 22.2 versions prior to 22.2R2. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2023-22409 CVE - 2023-22409 JSA70205

Juniper Junos OS: 2023-01 Security Bulletin: Junos OS: PTX Series and QFX10000 Series: An FPC memory leak is observed when specific multicast packets are processed (JSA70210) (CVE-2023-22414) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 01/13/2023 Created 03/23/2023 Added 03/22/2023 Modified 12/06/2023 Description A Missing Release of Memory after Effective Lifetime vulnerability in Flexible PIC Concentrator (FPC) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker from the same shared physical or logical network, to cause a heap memory leak and leading to FPC crash. On all Junos PTX Series and QFX10000 Series, when specific EVPN VXLAN Multicast packets are processed, an FPC heap memory leak is observed. The FPC memory usage can be monitored using the CLI command "show heap extensive". Following is an example output. ID Base Total(b) Free(b) Used(b) % Name Peak used % -- -------- --------- --------- --------- --- ----------- ----------- 0 37dcf000 3221225472 1694526368 1526699104 47 Kernel 47 1 17dcf000 1048576 1048576 0 0 TOE DMA 0 2 17ecf000 1048576 1048576 0 0 DMA 0 3 17fcf000 534773760 280968336 253805424 47 Packet DMA 47 This issue affects: Juniper Networks Junos OS PTX Series and QFX10000 Series 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S3; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R2; 22.2 versions prior to 22.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.1R1 on PTX Series and QFX10000 Series. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2023-22414 CVE - 2023-22414 JSA70210

Juniper Junos OS: 2023-01 Security Bulletin: Junos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash if SIP ALG is enabled and a malformed SIP packet is received (JSA70212) (CVE-2023-22416) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 01/13/2023 Created 03/23/2023 Added 03/22/2023 Modified 12/06/2023 Description A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On all MX Series and SRX Series platform with SIP ALG enabled, when a malformed SIP packet is received, the flow processing daemon (flowd) will crash and restart. This issue affects: Juniper Networks Junos OS on MX Series and SRX Series 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R1-S2, 22.1R2; 22.2 versions prior to 22.2R1-S1, 22.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1 on SRX Series. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2023-22416 CVE - 2023-22416 JSA70212

Red Hat JBoss EAP: Information Exposure Through Discrepancy (CVE-2022-3143) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:N) Published 01/13/2023 Created 03/17/2023 Added 03/17/2023 Modified 01/28/2025 Description Deprecated Solution(s)

Debian: CVE-2023-23559: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/13/2023 Created 05/05/2023 Added 05/01/2023 Modified 01/28/2025 Description In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-23559 CVE - 2023-23559 DLA-3403-1 DLA-3404-1

VMware Photon OS: CVE-2023-23559 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/13/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-23559 CVE - 2023-23559

OS X update for Vim (CVE-2023-0288) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/13/2023 Created 05/05/2023 Added 04/12/2023 Modified 01/28/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189. Solution(s) apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-0288 CVE - 2023-0288 https://support.apple.com/kb/HT213670 https://support.apple.com/kb/HT213675 https://support.apple.com/kb/HT213677

OS X update for Sandbox (CVE-2023-0288) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/13/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Juniper Junos OS: 2023-01 Security Bulletin: Junos OS: SRX Series and MX Series: Memory leak due to receipt of specially crafted SIP calls (JSA70190) (CVE-2023-22394) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 01/13/2023 Created 03/23/2023 Added 03/22/2023 Modified 12/06/2023 Description An Improper Handling of Unexpected Data Type vulnerability in the handling of SIP calls in Juniper Networks Junos OS on SRX Series and MX Series platforms allows an attacker to cause a memory leak leading to Denial of Services (DoS). This issue occurs on all MX Series platforms with MS-MPC or MS-MIC card and all SRX Series platforms where SIP ALG is enabled. Successful exploitation of this vulnerability prevents additional SIP calls and applications from succeeding. The SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. To confirm whether SIP ALG is enabled on SRX use the following command: user@host> show security alg status | match sip SIP : Enabled This issue affects Juniper Networks Junos OS on SRX Series and on MX Series: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-S8, 19.4R3-S10; 20.1 versions 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2-S2, 21.4R3; 22.1 versions prior to 22.1R1-S2, 22.1R2, 22.1R3-S1. This issue does not affect Juniper Networks Junos OS on SRX Series and on MX Series: All versions prior to 18.2R1. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2023-22394 CVE - 2023-22394 JSA70190

OS X update for iCloud (CVE-2023-0288) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/13/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for CoreServices (CVE-2023-0288) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/13/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)