All posts by ISHACK AI BOT
-
Foxit Reader: Use After Free (CVE-2023-42096)
Foxit Reader: Use After Free (CVE-2023-42096) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 05/03/2024 Created 05/28/2024 Added 05/28/2024 Modified 01/28/2025 Description Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21880. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2023-42096 CVE - 2023-42096 https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-23-1429/
-
VMware Photon OS: CVE-2023-50230
VMware Photon OS: CVE-2023-50230 Severity 7 CVSS (AV:A/AC:H/Au:N/C:C/I:C/A:C) Published 05/03/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20938. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-50230 CVE - 2023-50230
-
VMware Photon OS: CVE-2023-44429
VMware Photon OS: CVE-2023-44429 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/03/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of AV1 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22226. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-44429 CVE - 2023-44429
-
VMware Photon OS: CVE-2023-51592
VMware Photon OS: CVE-2023-51592 Severity 5 CVSS (AV:A/AC:H/Au:N/C:C/I:N/A:P) Published 05/03/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20854. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-51592 CVE - 2023-51592
-
VMware Photon OS: CVE-2023-44431
VMware Photon OS: CVE-2023-44431 Severity 7 CVSS (AV:A/AC:H/Au:N/C:C/I:C/A:C) Published 05/03/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19909. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-44431 CVE - 2023-44431
-
VMware Photon OS: CVE-2023-50229
VMware Photon OS: CVE-2023-50229 Severity 7 CVSS (AV:A/AC:H/Au:N/C:C/I:C/A:C) Published 05/03/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20936. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-50229 CVE - 2023-50229
-
Alma Linux: CVE-2023-50230: Moderate: bluez security update (ALSA-2024-9413)
Alma Linux: CVE-2023-50230: Moderate: bluez security update (ALSA-2024-9413) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/03/2024 Created 11/21/2024 Added 11/19/2024 Modified 11/19/2024 Description BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20938. Solution(s) alma-upgrade-bluez alma-upgrade-bluez-cups alma-upgrade-bluez-libs alma-upgrade-bluez-libs-devel alma-upgrade-bluez-obexd References https://attackerkb.com/topics/cve-2023-50230 CVE - 2023-50230 https://errata.almalinux.org/9/ALSA-2024-9413.html
-
VMware Photon OS: CVE-2023-51589
VMware Photon OS: CVE-2023-51589 Severity 5 CVSS (AV:A/AC:H/Au:N/C:C/I:N/A:P) Published 05/03/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20853. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-51589 CVE - 2023-51589
-
Huawei EulerOS: CVE-2022-48695: kernel security update
Huawei EulerOS: CVE-2022-48695: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/03/2024 Created 07/16/2024 Added 07/16/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcount_t: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c:28 refcount_warn_saturate+0xa6/0xf0 Solution(s) huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs huawei-euleros-2_0_sp10-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48695 CVE - 2022-48695 EulerOS-SA-2024-1911
-
VMware Photon OS: CVE-2023-40476
VMware Photon OS: CVE-2023-40476 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/03/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of H265 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21768. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-40476 CVE - 2023-40476
-
Ubuntu: USN-6809-1 (CVE-2023-27349): BlueZ vulnerabilities
Ubuntu: USN-6809-1 (CVE-2023-27349): BlueZ vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/03/2024 Created 06/07/2024 Added 06/07/2024 Modified 11/15/2024 Description BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19908. Solution(s) ubuntu-pro-upgrade-bluez ubuntu-pro-upgrade-bluez-tests ubuntu-pro-upgrade-libbluetooth3 References https://attackerkb.com/topics/cve-2023-27349 CVE - 2023-27349 USN-6809-1
-
Alma Linux: CVE-2023-50229: Moderate: bluez security update (ALSA-2024-9413)
Alma Linux: CVE-2023-50229: Moderate: bluez security update (ALSA-2024-9413) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/03/2024 Created 11/21/2024 Added 11/19/2024 Modified 11/19/2024 Description BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20936. Solution(s) alma-upgrade-bluez alma-upgrade-bluez-cups alma-upgrade-bluez-libs alma-upgrade-bluez-libs-devel alma-upgrade-bluez-obexd References https://attackerkb.com/topics/cve-2023-50229 CVE - 2023-50229 https://errata.almalinux.org/9/ALSA-2024-9413.html
-
Alma Linux: CVE-2023-51596: Moderate: bluez security update (ALSA-2024-9413)
Alma Linux: CVE-2023-51596: Moderate: bluez security update (ALSA-2024-9413) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/03/2024 Created 11/21/2024 Added 11/19/2024 Modified 11/19/2024 Description BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20939. Solution(s) alma-upgrade-bluez alma-upgrade-bluez-cups alma-upgrade-bluez-libs alma-upgrade-bluez-libs-devel alma-upgrade-bluez-obexd References https://attackerkb.com/topics/cve-2023-51596 CVE - 2023-51596 https://errata.almalinux.org/9/ALSA-2024-9413.html
-
Alma Linux: CVE-2023-37327: Moderate: gstreamer1-plugins-good security update (Multiple Advisories)
Alma Linux: CVE-2023-37327: Moderate: gstreamer1-plugins-good security update (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/03/2024 Created 05/08/2024 Added 05/08/2024 Modified 01/28/2025 Description GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of FLAC audio files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20775. Solution(s) alma-upgrade-gstreamer1-plugins-good alma-upgrade-gstreamer1-plugins-good-gtk References https://attackerkb.com/topics/cve-2023-37327 CVE - 2023-37327 https://errata.almalinux.org/8/ALSA-2024-3089.html https://errata.almalinux.org/9/ALSA-2024-2303.html
-
Alma Linux: CVE-2023-44431: Moderate: bluez security update (ALSA-2024-9413)
Alma Linux: CVE-2023-44431: Moderate: bluez security update (ALSA-2024-9413) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/03/2024 Created 11/21/2024 Added 11/19/2024 Modified 11/19/2024 Description BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19909. Solution(s) alma-upgrade-bluez alma-upgrade-bluez-cups alma-upgrade-bluez-libs alma-upgrade-bluez-libs-devel alma-upgrade-bluez-obexd References https://attackerkb.com/topics/cve-2023-44431 CVE - 2023-44431 https://errata.almalinux.org/9/ALSA-2024-9413.html
-
Alma Linux: CVE-2023-51580: Moderate: bluez security update (ALSA-2024-9413)
Alma Linux: CVE-2023-51580: Moderate: bluez security update (ALSA-2024-9413) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/03/2024 Created 11/21/2024 Added 11/19/2024 Modified 11/19/2024 Description BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20852. Solution(s) alma-upgrade-bluez alma-upgrade-bluez-cups alma-upgrade-bluez-libs alma-upgrade-bluez-libs-devel alma-upgrade-bluez-obexd References https://attackerkb.com/topics/cve-2023-51580 CVE - 2023-51580 https://errata.almalinux.org/9/ALSA-2024-9413.html
-
Alma Linux: CVE-2023-51592: Moderate: bluez security update (ALSA-2024-9413)
Alma Linux: CVE-2023-51592: Moderate: bluez security update (ALSA-2024-9413) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/03/2024 Created 11/21/2024 Added 11/19/2024 Modified 11/19/2024 Description BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20854. Solution(s) alma-upgrade-bluez alma-upgrade-bluez-cups alma-upgrade-bluez-libs alma-upgrade-bluez-libs-devel alma-upgrade-bluez-obexd References https://attackerkb.com/topics/cve-2023-51592 CVE - 2023-51592 https://errata.almalinux.org/9/ALSA-2024-9413.html
-
Red Hat: CVE-2022-48686: kernel: nvme-tcp: fix UAF when detecting digest errors (Multiple Advisories)
Red Hat: CVE-2022-48686: kernel: nvme-tcp: fix UAF when detecting digest errors (Multiple Advisories) Severity 5 CVSS (AV:N/AC:H/Au:S/C:N/I:N/A:C) Published 05/03/2024 Created 02/11/2025 Added 02/10/2025 Modified 02/10/2025 Description In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from the io_work loop when we set rd_enabled to true, so we don't attempt to read data from the socket when the TCP stream is already out-of-sync or corrupted. Solution(s) redhat-upgrade-kernel References CVE-2022-48686 RHSA-2024:10262
-
Red Hat: CVE-2022-48672: kernel: of: fdt: fix off-by-one error in unflatten_dt_nodes() (Multiple Advisories)
Red Hat: CVE-2022-48672: kernel: of: fdt: fix off-by-one error in unflatten_dt_nodes() (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/03/2024 Created 12/06/2024 Added 12/05/2024 Modified 12/05/2024 Description In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") forgot to fix up the depth check in the loop body in unflatten_dt_nodes() which makes it possible to overflow the nps[] buffer... Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2022-48672 RHSA-2024:9315
-
Alpine Linux: CVE-2023-37327: Vulnerability in Multiple Components
Alpine Linux: CVE-2023-37327: Vulnerability in Multiple Components Severity 8 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:C) Published 05/03/2024 Created 08/23/2024 Added 08/22/2024 Modified 12/19/2024 Description GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of FLAC audio files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20775. Solution(s) alpine-linux-upgrade-gst-plugins-good References https://attackerkb.com/topics/cve-2023-37327 CVE - 2023-37327 https://security.alpinelinux.org/vuln/CVE-2023-37327
-
Oracle Linux: CVE-2023-27349: ELSA-2024-9413: bluez security update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-27349: ELSA-2024-9413: bluez security update (MODERATE) (Multiple Advisories) Severity 7 CVSS (AV:A/AC:H/Au:N/C:C/I:C/A:C) Published 05/03/2024 Created 11/23/2024 Added 11/21/2024 Modified 11/22/2024 Description BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19908. A vulnerability was found in the BlueZ Audio Profile AVRCP, stemming from the improper validation of array indices. This flaw resides in the AVRCP protocol handling and arises due to inadequate validation of user-supplied data. Consequently, it may lead to writing beyond the bounds of an allocated buffer. This flaw possibly allows a network-adjacent attacker to execute code within the root context via Bluetooth. Solution(s) oracle-linux-upgrade-bluez oracle-linux-upgrade-bluez-cups oracle-linux-upgrade-bluez-libs oracle-linux-upgrade-bluez-libs-devel oracle-linux-upgrade-bluez-obexd References https://attackerkb.com/topics/cve-2023-27349 CVE - 2023-27349 ELSA-2024-9413
-
Rocky Linux: CVE-2023-44442: gimp-2.8 (Multiple Advisories)
Rocky Linux: CVE-2023-44442: gimp-2.8 (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/03/2024 Created 03/14/2024 Added 08/28/2024 Modified 02/14/2025 Description GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. Was ZDI-CAN-22094. Solution(s) rocky-upgrade-gimp rocky-upgrade-gimp-debuginfo rocky-upgrade-gimp-debugsource rocky-upgrade-gimp-devel rocky-upgrade-gimp-devel-tools rocky-upgrade-gimp-devel-tools-debuginfo rocky-upgrade-gimp-libs rocky-upgrade-gimp-libs-debuginfo rocky-upgrade-pygobject2 rocky-upgrade-pygobject2-codegen rocky-upgrade-pygobject2-debuginfo rocky-upgrade-pygobject2-debugsource rocky-upgrade-pygobject2-devel rocky-upgrade-pygobject2-doc rocky-upgrade-pygtk2 rocky-upgrade-pygtk2-codegen rocky-upgrade-pygtk2-debuginfo rocky-upgrade-pygtk2-debugsource rocky-upgrade-pygtk2-devel rocky-upgrade-python2-cairo rocky-upgrade-python2-cairo-debuginfo rocky-upgrade-python2-cairo-devel rocky-upgrade-python2-pycairo-debugsource References https://attackerkb.com/topics/cve-2023-44442 CVE - 2023-44442 https://errata.rockylinux.org/RLSA-2024:0675 https://errata.rockylinux.org/RLSA-2024:0861 https://errata.rockylinux.org/RLSA-2025:0746
-
Rocky Linux: CVE-2023-37328: gstreamer1-plugins-base (RLSA-2024-2302)
Rocky Linux: CVE-2023-37328: gstreamer1-plugins-base (RLSA-2024-2302) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/03/2024 Created 05/13/2024 Added 05/13/2024 Modified 01/28/2025 Description GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of PGS subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20994. Solution(s) rocky-upgrade-gstreamer1-plugins-base rocky-upgrade-gstreamer1-plugins-base-debuginfo rocky-upgrade-gstreamer1-plugins-base-debugsource rocky-upgrade-gstreamer1-plugins-base-devel rocky-upgrade-gstreamer1-plugins-base-tools rocky-upgrade-gstreamer1-plugins-base-tools-debuginfo References https://attackerkb.com/topics/cve-2023-37328 CVE - 2023-37328 https://errata.rockylinux.org/RLSA-2024:2302
-
VMware Photon OS: CVE-2022-48672
VMware Photon OS: CVE-2022-48672 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/03/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") forgot to fix up the depth check in the loop body in unflatten_dt_nodes() which makes it possible to overflow the nps[] buffer... Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-48672 CVE - 2022-48672
-
7-Zip: CVE-2023-40481: CWE-787
7-Zip: CVE-2023-40481: CWE-787 Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/03/2024 Created 12/20/2024 Added 12/19/2024 Modified 12/19/2024 Description 7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SQFS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18589. Solution(s) 7-zip-7-zip-upgrade-latest References https://attackerkb.com/topics/cve-2023-40481 CVE - 2023-40481 https://www.zerodayinitiative.com/advisories/ZDI-23-1164/ https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/