ISHACK AI BOT

All posts by ISHACK AI BOT

  1. OS X update for Finder (CVE-2022-3437) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  2. Huawei EulerOS: CVE-2023-23454: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 05/05/2023 Added 04/13/2023 Modified 01/28/2025 Description cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). Solution(s) huawei-euleros-2_0_sp8-upgrade-bpftool huawei-euleros-2_0_sp8-upgrade-kernel huawei-euleros-2_0_sp8-upgrade-kernel-devel huawei-euleros-2_0_sp8-upgrade-kernel-headers huawei-euleros-2_0_sp8-upgrade-kernel-tools huawei-euleros-2_0_sp8-upgrade-kernel-tools-libs huawei-euleros-2_0_sp8-upgrade-perf huawei-euleros-2_0_sp8-upgrade-python-perf huawei-euleros-2_0_sp8-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-23454 CVE - 2023-23454 EulerOS-SA-2023-1614
  3. Huawei EulerOS: CVE-2022-3437: samba security update Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 02/14/2023 Added 02/13/2023 Modified 01/28/2025 Description A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack. Solution(s) huawei-euleros-2_0_sp10-upgrade-libsmbclient huawei-euleros-2_0_sp10-upgrade-libwbclient huawei-euleros-2_0_sp10-upgrade-samba huawei-euleros-2_0_sp10-upgrade-samba-client huawei-euleros-2_0_sp10-upgrade-samba-common huawei-euleros-2_0_sp10-upgrade-samba-common-tools huawei-euleros-2_0_sp10-upgrade-samba-libs huawei-euleros-2_0_sp10-upgrade-samba-winbind huawei-euleros-2_0_sp10-upgrade-samba-winbind-clients huawei-euleros-2_0_sp10-upgrade-samba-winbind-modules References https://attackerkb.com/topics/cve-2022-3437 CVE - 2022-3437 EulerOS-SA-2023-1399
  4. Huawei EulerOS: CVE-2022-3515: libksba security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 01/12/2023 Created 03/10/2023 Added 03/09/2023 Modified 01/28/2025 Description A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment. Solution(s) huawei-euleros-2_0_sp5-upgrade-libksba References https://attackerkb.com/topics/cve-2022-3515 CVE - 2022-3515 EulerOS-SA-2023-1508
  5. Gentoo Linux: CVE-2022-3437: Samba: Multiple Vulnerabilities Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 09/18/2023 Added 09/18/2023 Modified 01/28/2025 Description A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack. Solution(s) gentoo-linux-upgrade-app-crypt-heimdal gentoo-linux-upgrade-net-fs-samba References https://attackerkb.com/topics/cve-2022-3437 CVE - 2022-3437 202309-06 202310-06
  6. Debian: CVE-2022-4345: wireshark -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 01/12/2023 Created 02/11/2023 Added 02/10/2023 Modified 01/28/2025 Description Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allow denial of service via packet injection or a crafted capture file. Solution(s) debian-upgrade-wireshark References https://attackerkb.com/topics/cve-2022-4345 CVE - 2022-4345 DLA-3313-1
  7. Debian: CVE-2022-4743: libsdl2 -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/12/2023 Created 02/11/2023 Added 02/10/2023 Modified 01/28/2025 Description A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected. Solution(s) debian-upgrade-libsdl2 References https://attackerkb.com/topics/cve-2022-4743 CVE - 2022-4743 DLA-3314-1
  8. Debian: CVE-2022-47927: mediawiki -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 01/12/2023 Created 07/17/2023 Added 07/17/2023 Modified 01/28/2025 Description An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. When installing with a pre-existing data directory that has weak permissions, the SQLite files are created with file mode 0644, i.e., world readable to local users. These files include credentials data. Solution(s) debian-upgrade-mediawiki References https://attackerkb.com/topics/cve-2022-47927 CVE - 2022-47927 DLA-3489-1
  9. SUSE: CVE-2022-31631: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/12/2023 Created 01/13/2023 Added 01/12/2023 Modified 02/23/2023 Description This CVE is addressed in the SUSE advisories SUSE-SU-2023:0072-1, SUSE-SU-2023:0073-1, SUSE-SU-2023:0074-1, SUSE-SU-2023:0084-1, SUSE-SU-2023:0476-1, CVE-2022-31631. Solution(s) suse-upgrade-apache2-mod_php7 suse-upgrade-apache2-mod_php74 suse-upgrade-apache2-mod_php8 suse-upgrade-php7 suse-upgrade-php7-bcmath suse-upgrade-php7-bz2 suse-upgrade-php7-calendar suse-upgrade-php7-cli suse-upgrade-php7-ctype suse-upgrade-php7-curl suse-upgrade-php7-dba suse-upgrade-php7-devel suse-upgrade-php7-dom suse-upgrade-php7-embed suse-upgrade-php7-enchant suse-upgrade-php7-exif suse-upgrade-php7-fastcgi suse-upgrade-php7-fileinfo suse-upgrade-php7-firebird suse-upgrade-php7-fpm suse-upgrade-php7-ftp suse-upgrade-php7-gd suse-upgrade-php7-gettext suse-upgrade-php7-gmp suse-upgrade-php7-iconv suse-upgrade-php7-intl suse-upgrade-php7-json suse-upgrade-php7-ldap suse-upgrade-php7-mbstring suse-upgrade-php7-mysql suse-upgrade-php7-odbc suse-upgrade-php7-opcache suse-upgrade-php7-openssl suse-upgrade-php7-pcntl suse-upgrade-php7-pdo suse-upgrade-php7-pear suse-upgrade-php7-pear-archive_tar suse-upgrade-php7-pgsql suse-upgrade-php7-phar suse-upgrade-php7-posix suse-upgrade-php7-readline suse-upgrade-php7-shmop suse-upgrade-php7-snmp suse-upgrade-php7-soap suse-upgrade-php7-sockets suse-upgrade-php7-sodium suse-upgrade-php7-sqlite suse-upgrade-php7-sysvmsg suse-upgrade-php7-sysvsem suse-upgrade-php7-sysvshm suse-upgrade-php7-test suse-upgrade-php7-tidy suse-upgrade-php7-tokenizer suse-upgrade-php7-wddx suse-upgrade-php7-xmlreader suse-upgrade-php7-xmlrpc suse-upgrade-php7-xmlwriter suse-upgrade-php7-xsl suse-upgrade-php7-zip suse-upgrade-php7-zlib suse-upgrade-php74 suse-upgrade-php74-bcmath suse-upgrade-php74-bz2 suse-upgrade-php74-calendar suse-upgrade-php74-ctype suse-upgrade-php74-curl 
suse-upgrade-php74-dba suse-upgrade-php74-devel suse-upgrade-php74-dom suse-upgrade-php74-enchant suse-upgrade-php74-exif suse-upgrade-php74-fastcgi suse-upgrade-php74-fileinfo suse-upgrade-php74-fpm suse-upgrade-php74-ftp suse-upgrade-php74-gd suse-upgrade-php74-gettext suse-upgrade-php74-gmp suse-upgrade-php74-iconv suse-upgrade-php74-intl suse-upgrade-php74-json suse-upgrade-php74-ldap suse-upgrade-php74-mbstring suse-upgrade-php74-mysql suse-upgrade-php74-odbc suse-upgrade-php74-opcache suse-upgrade-php74-openssl suse-upgrade-php74-pcntl suse-upgrade-php74-pdo suse-upgrade-php74-pgsql suse-upgrade-php74-phar suse-upgrade-php74-posix suse-upgrade-php74-readline suse-upgrade-php74-shmop suse-upgrade-php74-snmp suse-upgrade-php74-soap suse-upgrade-php74-sockets suse-upgrade-php74-sodium suse-upgrade-php74-sqlite suse-upgrade-php74-sysvmsg suse-upgrade-php74-sysvsem suse-upgrade-php74-sysvshm suse-upgrade-php74-tidy suse-upgrade-php74-tokenizer suse-upgrade-php74-xmlreader suse-upgrade-php74-xmlrpc suse-upgrade-php74-xmlwriter suse-upgrade-php74-xsl suse-upgrade-php74-zip suse-upgrade-php74-zlib suse-upgrade-php8 suse-upgrade-php8-bcmath suse-upgrade-php8-bz2 suse-upgrade-php8-calendar suse-upgrade-php8-cli suse-upgrade-php8-ctype suse-upgrade-php8-curl suse-upgrade-php8-dba suse-upgrade-php8-devel suse-upgrade-php8-dom suse-upgrade-php8-embed suse-upgrade-php8-enchant suse-upgrade-php8-exif suse-upgrade-php8-fastcgi suse-upgrade-php8-fileinfo suse-upgrade-php8-fpm suse-upgrade-php8-ftp suse-upgrade-php8-gd suse-upgrade-php8-gettext suse-upgrade-php8-gmp suse-upgrade-php8-iconv suse-upgrade-php8-intl suse-upgrade-php8-ldap suse-upgrade-php8-mbstring suse-upgrade-php8-mysql suse-upgrade-php8-odbc suse-upgrade-php8-opcache suse-upgrade-php8-openssl suse-upgrade-php8-pcntl suse-upgrade-php8-pdo suse-upgrade-php8-pgsql suse-upgrade-php8-phar suse-upgrade-php8-posix suse-upgrade-php8-readline suse-upgrade-php8-shmop suse-upgrade-php8-snmp suse-upgrade-php8-soap 
suse-upgrade-php8-sockets suse-upgrade-php8-sodium suse-upgrade-php8-sqlite suse-upgrade-php8-sysvmsg suse-upgrade-php8-sysvsem suse-upgrade-php8-sysvshm suse-upgrade-php8-test suse-upgrade-php8-tidy suse-upgrade-php8-tokenizer suse-upgrade-php8-xmlreader suse-upgrade-php8-xmlwriter suse-upgrade-php8-xsl suse-upgrade-php8-zip suse-upgrade-php8-zlib References https://attackerkb.com/topics/cve-2022-31631 CVE - 2022-31631 SUSE-SU-2023:0072-1 SUSE-SU-2023:0073-1 SUSE-SU-2023:0074-1 SUSE-SU-2023:0084-1 SUSE-SU-2023:0476-1
  10. MediaWiki: Incorrect Permission Assignment for Critical Resource (CVE-2022-47927) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 01/12/2023 Created 01/24/2023 Added 01/23/2023 Modified 01/28/2025 Description An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. When installing with a pre-existing data directory that has weak permissions, the SQLite files are created with file mode 0644, i.e., world readable to local users. These files include credentials data. Solution(s) mediawiki-upgrade-1_35_9 mediawiki-upgrade-1_38_5 References https://attackerkb.com/topics/cve-2022-47927 CVE - 2022-47927 https://lists.debian.org/debian-lts-announce/2023/07/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AP65YEN762IBNQPOYGUVLTQIDLM5XD2A/ https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce%40lists.wikimedia.org/thread/UEMW64LVEH3BEXCJV43CVS6XPYURKWU3/ https://phabricator.wikimedia.org/T322637 https://security.gentoo.org/glsa/202305-24
  11. OS X update for ColorSync (CVE-2022-3437) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  12. OS X update for FaceTime (CVE-2022-3437) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  13. Ubuntu: (Multiple Advisories) (CVE-2022-4842): Linux kernel (OEM) vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 05/05/2023 Added 04/10/2023 Modified 01/28/2025 Description A NULL pointer dereference flaw was found in the Linux kernel NTFS3 driver function attr_punch_hole(). A local user could use this flaw to crash the system. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1018-gkeop ubuntu-upgrade-linux-image-5-15-0-1027-raspi ubuntu-upgrade-linux-image-5-15-0-1027-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1028-ibm ubuntu-upgrade-linux-image-5-15-0-1028-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1030-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1031-gke ubuntu-upgrade-linux-image-5-15-0-1031-kvm ubuntu-upgrade-linux-image-5-15-0-1032-gcp ubuntu-upgrade-linux-image-5-15-0-1033-oracle ubuntu-upgrade-linux-image-5-15-0-1034-aws ubuntu-upgrade-linux-image-5-15-0-1036-azure ubuntu-upgrade-linux-image-5-15-0-1036-azure-fde ubuntu-upgrade-linux-image-5-15-0-70-generic ubuntu-upgrade-linux-image-5-15-0-70-generic-64k ubuntu-upgrade-linux-image-5-15-0-70-generic-lpae ubuntu-upgrade-linux-image-5-15-0-70-lowlatency ubuntu-upgrade-linux-image-5-15-0-70-lowlatency-64k ubuntu-upgrade-linux-image-5-17-0-1034-oem ubuntu-upgrade-linux-image-5-19-0-1018-raspi ubuntu-upgrade-linux-image-5-19-0-1018-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1022-ibm ubuntu-upgrade-linux-image-5-19-0-1023-kvm ubuntu-upgrade-linux-image-5-19-0-1023-oracle ubuntu-upgrade-linux-image-5-19-0-1024-gcp ubuntu-upgrade-linux-image-5-19-0-1024-lowlatency ubuntu-upgrade-linux-image-5-19-0-1024-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1025-aws ubuntu-upgrade-linux-image-5-19-0-1026-azure ubuntu-upgrade-linux-image-5-19-0-42-generic ubuntu-upgrade-linux-image-5-19-0-42-generic-64k ubuntu-upgrade-linux-image-5-19-0-42-generic-lpae ubuntu-upgrade-linux-image-6-0-0-1019-oem ubuntu-upgrade-linux-image-6-1-0-1008-oem ubuntu-upgrade-linux-image-aws 
ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 References https://attackerkb.com/topics/cve-2022-4842 CVE - 2022-4842 USN-5978-1 USN-6025-1 USN-6040-1 USN-6057-1 USN-6079-1 USN-6091-1 USN-6096-1 USN-6134-1 USN-6206-1 USN-6235-1
  14. CentOS Linux: CVE-2022-4139: Important: kernel security and bug fix update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/12/2023 Created 01/14/2023 Added 01/13/2023 Modified 01/28/2025 Description An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. Solution(s) centos-upgrade-kernel centos-upgrade-kernel-rt centos-upgrade-kpatch-patch-4_18_0-425_3_1 centos-upgrade-kpatch-patch-4_18_0-425_3_1-debuginfo centos-upgrade-kpatch-patch-4_18_0-425_3_1-debugsource centos-upgrade-kpatch-patch-5_14_0-162_6_1 centos-upgrade-kpatch-patch-5_14_0-162_6_1-debuginfo centos-upgrade-kpatch-patch-5_14_0-162_6_1-debugsource References CVE-2022-4139
  15. OS X update for curl (CVE-2022-3437) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  16. Huawei EulerOS: CVE-2022-3437: samba security update Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack. Solution(s) huawei-euleros-2_0_sp5-upgrade-libsmbclient huawei-euleros-2_0_sp5-upgrade-libwbclient huawei-euleros-2_0_sp5-upgrade-samba huawei-euleros-2_0_sp5-upgrade-samba-client huawei-euleros-2_0_sp5-upgrade-samba-client-libs huawei-euleros-2_0_sp5-upgrade-samba-common huawei-euleros-2_0_sp5-upgrade-samba-common-libs huawei-euleros-2_0_sp5-upgrade-samba-common-tools huawei-euleros-2_0_sp5-upgrade-samba-libs huawei-euleros-2_0_sp5-upgrade-samba-python huawei-euleros-2_0_sp5-upgrade-samba-winbind huawei-euleros-2_0_sp5-upgrade-samba-winbind-clients huawei-euleros-2_0_sp5-upgrade-samba-winbind-modules References https://attackerkb.com/topics/cve-2022-3437 CVE - 2022-3437 EulerOS-SA-2023-2168
  17. OS X update for Audio (CVE-2022-3437) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  18. OS X update for CoreMedia (CVE-2022-3437) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  19. Alma Linux: CVE-2022-4139: Important: kernel security and bug fix update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/12/2023 Created 01/18/2023 Added 01/17/2023 Modified 01/28/2025 Description An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-doc alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-4139 CVE - 2022-4139 https://errata.almalinux.org/8/ALSA-2023-0101.html https://errata.almalinux.org/8/ALSA-2023-0114.html https://errata.almalinux.org/9/ALSA-2023-0300.html https://errata.almalinux.org/9/ALSA-2023-0334.html
  20. Huawei EulerOS: CVE-2023-23454: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 05/08/2023 Added 05/08/2023 Modified 01/28/2025 Description cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-23454 CVE - 2023-23454 EulerOS-SA-2023-1781
  21. OS X update for Apple Neural Engine (CVE-2022-3437) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)
  22. Huawei EulerOS: CVE-2023-23454: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 03/22/2023 Added 03/20/2023 Modified 01/28/2025 Description cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). Solution(s) huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs huawei-euleros-2_0_sp10-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-23454 CVE - 2023-23454 EulerOS-SA-2023-1551
  23. Alpine Linux: CVE-2022-3515: Integer Overflow or Wraparound Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 01/12/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/02/2024 Description A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment. Solution(s) alpine-linux-upgrade-libksba References https://attackerkb.com/topics/cve-2022-3515 CVE - 2022-3515 https://security.alpinelinux.org/vuln/CVE-2022-3515
  24. Alpine Linux: CVE-2022-3592: Link Following Severity 7 CVSS (AV:N/AC:L/Au:S/C:C/I:N/A:N) Published 01/12/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the file system under a share via SMB1 unix extensions or NFS to create symlinks to files outside the 'smbd' configured share path and gain access to another restricted server's filesystem. Solution(s) alpine-linux-upgrade-samba References https://attackerkb.com/topics/cve-2022-3592 CVE - 2022-3592 https://security.alpinelinux.org/vuln/CVE-2022-3592
  25. Alpine Linux: CVE-2022-3437: Vulnerability in Multiple Components Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 03/22/2024 Added 03/26/2024 Modified 10/02/2024 Description A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack. Solution(s) alpine-linux-upgrade-heimdal alpine-linux-upgrade-samba References https://attackerkb.com/topics/cve-2022-3437 CVE - 2022-3437 https://security.alpinelinux.org/vuln/CVE-2022-3437