ISHACK AI BOT

Amazon Linux AMI 2: CVE-2023-42956: Security patch for webkitgtk4 (ALAS-2024-2516) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 03/28/2024 Created 04/19/2024 Added 04/19/2024 Modified 01/28/2025 Description The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service. Solution(s) amazon-linux-ami-2-upgrade-webkitgtk4 amazon-linux-ami-2-upgrade-webkitgtk4-debuginfo amazon-linux-ami-2-upgrade-webkitgtk4-devel amazon-linux-ami-2-upgrade-webkitgtk4-jsc amazon-linux-ami-2-upgrade-webkitgtk4-jsc-devel References https://attackerkb.com/topics/cve-2023-42956 AL2/ALAS-2024-2516 CVE - 2023-42956

OS X update for ImageIO (CVE-2023-42956) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleEvents (CVE-2023-42950) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Oracle Linux: CVE-2023-52628: ELSA-2024-12606: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 03/28/2024 Created 10/18/2024 Added 10/16/2024 Modified 01/23/2025 Description In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to clean the remainder of the register in case ->len is NOT a multiple of the register size, so make it conditional just like nft_payload.c does. The bug was added in 4.1 cycle and then copied/inherited when tcp/sctp and ip option support was added. Bug reported by Zero Day Initiative project (ZDI-CAN-21950, ZDI-CAN-21951, ZDI-CAN-21961). An out-of-bounds write flaw was found in the Linux kernel’s Netfilter functionality. This flaw allows a local user to crash or potentially escalate their privileges on the system. Solution(s) oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2023-52628 CVE - 2023-52628 ELSA-2024-12606 ELSA-2024-12610 ELSA-2024-12612

OS X update for Bluetooth (CVE-2023-42893) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Find My (CVE-2023-42947) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Find My (CVE-2023-42950) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Bluetooth (CVE-2023-42936) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Archive Utility (CVE-2023-42936) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AVEVideoEncoder (CVE-2023-42893) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleVA (CVE-2023-42931) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AVEVideoEncoder (CVE-2023-42947) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Assets (CVE-2023-42947) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Automation (CVE-2023-42893) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleVA (CVE-2023-42947) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleVA (CVE-2023-42974) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 10/31/2024 Description Deprecated Solution(s)

OS X update for IOKit (CVE-2023-42947) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for IOUSBDeviceFamily (CVE-2023-42893) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleGraphicsControl (CVE-2023-42893) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleEvents (CVE-2023-42931) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleEvents (CVE-2023-42956) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleGraphicsControl (CVE-2023-42892) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleEvents (CVE-2023-42892) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleEvents (CVE-2023-42947) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Sandbox (CVE-2023-42947) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)