ISHACK AI BOT

Huawei EulerOS: CVE-2023-46218: curl security update Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 12/07/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/30/2025 Description This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain. Solution(s) huawei-euleros-2_0_sp8-upgrade-curl huawei-euleros-2_0_sp8-upgrade-libcurl huawei-euleros-2_0_sp8-upgrade-libcurl-devel References https://attackerkb.com/topics/cve-2023-46218 CVE - 2023-46218 EulerOS-SA-2024-1260

Huawei EulerOS: CVE-2023-46218: curl security update Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 12/07/2023 Created 01/30/2024 Added 01/29/2024 Modified 01/30/2025 Description This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain. Solution(s) huawei-euleros-2_0_sp11-upgrade-curl huawei-euleros-2_0_sp11-upgrade-libcurl References https://attackerkb.com/topics/cve-2023-46218 CVE - 2023-46218 EulerOS-SA-2024-1117

Ubuntu: USN-6551-1 (CVE-2023-46751): Ghostscript vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/06/2023 Created 12/14/2023 Added 12/13/2023 Modified 01/28/2025 Description An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. Solution(s) ubuntu-upgrade-ghostscript References https://attackerkb.com/topics/cve-2023-46751 CVE - 2023-46751 USN-6551-1

SUSE: CVE-2023-39326: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 12/06/2023 Created 12/13/2023 Added 12/12/2023 Modified 01/28/2025 Description A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small. Solution(s) suse-upgrade-go1-20 suse-upgrade-go1-20-doc suse-upgrade-go1-20-openssl suse-upgrade-go1-20-openssl-doc suse-upgrade-go1-20-openssl-race suse-upgrade-go1-20-race suse-upgrade-go1-21 suse-upgrade-go1-21-doc suse-upgrade-go1-21-openssl suse-upgrade-go1-21-openssl-doc suse-upgrade-go1-21-openssl-race suse-upgrade-go1-21-race References https://attackerkb.com/topics/cve-2023-39326 CVE - 2023-39326

SUSE: CVE-2023-46219: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 12/06/2023 Created 12/08/2023 Added 12/07/2023 Modified 01/28/2025 Description When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use. Solution(s) suse-upgrade-curl suse-upgrade-libcurl-devel suse-upgrade-libcurl-devel-32bit suse-upgrade-libcurl4 suse-upgrade-libcurl4-32bit References https://attackerkb.com/topics/cve-2023-46219 CVE - 2023-46219

Alpine Linux: CVE-2023-6510: Use After Free Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 12/06/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Use after free in Media Capture in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium) Solution(s) alpine-linux-upgrade-qt5-qtwebengine alpine-linux-upgrade-qt6-qtwebengine References https://attackerkb.com/topics/cve-2023-6510 CVE - 2023-6510 https://security.alpinelinux.org/vuln/CVE-2023-6510

Alpine Linux: CVE-2023-46751: Use After Free Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/06/2023 Created 03/22/2024 Added 03/21/2024 Modified 01/28/2025 Description An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. Solution(s) alpine-linux-upgrade-ghostscript References https://attackerkb.com/topics/cve-2023-46751 CVE - 2023-46751 https://security.alpinelinux.org/vuln/CVE-2023-46751

Amazon Linux 2023: CVE-2023-49288: Important priority package update for squid Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/05/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with "collapsed_forwarding on" are vulnerable. Configurations with "collapsed_forwarding off" or without a "collapsed_forwarding" directive are not vulnerable. This bug is fixed by Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should remove all collapsed_forwarding lines from their squid.conf. A flaw was found in Squid. The use of the HTTP Collapsed Forwarding configuration may allow an attacker to perform a denial of service remotely. Solution(s) amazon-linux-2023-upgrade-squid amazon-linux-2023-upgrade-squid-debuginfo amazon-linux-2023-upgrade-squid-debugsource References https://attackerkb.com/topics/cve-2023-49288 CVE - 2023-49288 https://alas.aws.amazon.com/AL2023/ALAS-2024-578.html

SUSE: CVE-2023-49284: SUSE Linux Security Advisory Severity 6 CVSS (AV:L/AC:M/Au:S/C:C/I:N/A:C) Published 12/05/2023 Created 12/20/2023 Added 12/19/2023 Modified 01/28/2025 Description fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, rather than transforming them into a safe internal representation. While this may cause unexpected behavior with direct input (for example, echo \UFDD2HOME has the same output as echo $HOME), this may become a minor security problem if the output is being fed from an external program into a command substitution where this output may not be expected. This design flaw was introduced in very early versions of fish, predating the version control system, and is thought to be present in every version of fish released in the last 15 years or more, although with different characters. Code execution does not appear to be possible, but denial of service (through large brace expansion) or information disclosure (such as variable expansion) is potentially possible under certain circumstances. fish shell 3.6.2 has been released to correct this issue. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) suse-upgrade-fish suse-upgrade-fish-devel References https://attackerkb.com/topics/cve-2023-49284 CVE - 2023-49284

Red Hat: CVE-2023-45287: golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 12/05/2023 Created 02/13/2024 Added 02/12/2024 Modified 09/03/2024 Description Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS#1 padding may leak timing information, which in turn could be used to recover session key bits. In Go 1.20, the crypto/tls library switched to a fully constant time RSA implementation, which we do not believe exhibits any timing side channels. Solution(s) redhat-upgrade-aardvark-dns redhat-upgrade-buildah redhat-upgrade-buildah-debuginfo redhat-upgrade-buildah-debugsource redhat-upgrade-buildah-tests redhat-upgrade-buildah-tests-debuginfo redhat-upgrade-cockpit-podman redhat-upgrade-conmon redhat-upgrade-conmon-debuginfo redhat-upgrade-conmon-debugsource redhat-upgrade-container-selinux redhat-upgrade-containernetworking-plugins redhat-upgrade-containernetworking-plugins-debuginfo redhat-upgrade-containernetworking-plugins-debugsource redhat-upgrade-containers-common redhat-upgrade-crit redhat-upgrade-criu redhat-upgrade-criu-debuginfo redhat-upgrade-criu-debugsource redhat-upgrade-criu-devel redhat-upgrade-criu-libs redhat-upgrade-criu-libs-debuginfo redhat-upgrade-crun redhat-upgrade-crun-debuginfo redhat-upgrade-crun-debugsource redhat-upgrade-fuse-overlayfs redhat-upgrade-fuse-overlayfs-debuginfo redhat-upgrade-fuse-overlayfs-debugsource redhat-upgrade-libslirp redhat-upgrade-libslirp-debuginfo redhat-upgrade-libslirp-debugsource redhat-upgrade-libslirp-devel redhat-upgrade-netavark redhat-upgrade-oci-seccomp-bpf-hook redhat-upgrade-oci-seccomp-bpf-hook-debuginfo redhat-upgrade-oci-seccomp-bpf-hook-debugsource redhat-upgrade-podman redhat-upgrade-podman-catatonit redhat-upgrade-podman-catatonit-debuginfo redhat-upgrade-podman-debuginfo redhat-upgrade-podman-debugsource redhat-upgrade-podman-docker redhat-upgrade-podman-gvproxy redhat-upgrade-podman-gvproxy-debuginfo redhat-upgrade-podman-plugins redhat-upgrade-podman-plugins-debuginfo redhat-upgrade-podman-remote redhat-upgrade-podman-remote-debuginfo redhat-upgrade-podman-tests redhat-upgrade-python3-criu redhat-upgrade-python3-podman redhat-upgrade-runc redhat-upgrade-runc-debuginfo redhat-upgrade-runc-debugsource redhat-upgrade-skopeo redhat-upgrade-skopeo-debuginfo redhat-upgrade-skopeo-debugsource redhat-upgrade-skopeo-tests redhat-upgrade-slirp4netns redhat-upgrade-slirp4netns-debuginfo redhat-upgrade-slirp4netns-debugsource redhat-upgrade-toolbox redhat-upgrade-toolbox-debuginfo redhat-upgrade-toolbox-debugsource redhat-upgrade-toolbox-tests redhat-upgrade-udica References CVE-2023-45287 RHSA-2024:0748 RHSA-2024:2180 RHSA-2024:2193 RHSA-2024:2239 RHSA-2024:2245 RHSA-2024:2272 RHSA-2024:2988 RHSA-2024:4429 View more

Debian: CVE-2023-46751: ghostscript -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/06/2023 Created 12/20/2023 Added 12/19/2023 Modified 01/28/2025 Description An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. Solution(s) debian-upgrade-ghostscript References https://attackerkb.com/topics/cve-2023-46751 CVE - 2023-46751 DSA-5578-1

Red Hat: CVE-2023-39326: golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 12/06/2023 Created 02/13/2024 Added 02/12/2024 Modified 09/03/2024 Description A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small. Solution(s) redhat-upgrade-aardvark-dns redhat-upgrade-buildah redhat-upgrade-buildah-debuginfo redhat-upgrade-buildah-debugsource redhat-upgrade-buildah-tests redhat-upgrade-buildah-tests-debuginfo redhat-upgrade-cockpit-podman redhat-upgrade-conmon redhat-upgrade-conmon-debuginfo redhat-upgrade-conmon-debugsource redhat-upgrade-container-selinux redhat-upgrade-containernetworking-plugins redhat-upgrade-containernetworking-plugins-debuginfo redhat-upgrade-containernetworking-plugins-debugsource redhat-upgrade-containers-common redhat-upgrade-crit redhat-upgrade-criu redhat-upgrade-criu-debuginfo redhat-upgrade-criu-debugsource redhat-upgrade-criu-devel redhat-upgrade-criu-libs redhat-upgrade-criu-libs-debuginfo redhat-upgrade-crun redhat-upgrade-crun-debuginfo redhat-upgrade-crun-debugsource redhat-upgrade-delve redhat-upgrade-delve-debuginfo redhat-upgrade-delve-debugsource redhat-upgrade-fuse-overlayfs redhat-upgrade-fuse-overlayfs-debuginfo redhat-upgrade-fuse-overlayfs-debugsource redhat-upgrade-go-toolset redhat-upgrade-golang redhat-upgrade-golang-bin redhat-upgrade-golang-docs redhat-upgrade-golang-misc redhat-upgrade-golang-src redhat-upgrade-golang-tests redhat-upgrade-libslirp redhat-upgrade-libslirp-debuginfo redhat-upgrade-libslirp-debugsource redhat-upgrade-libslirp-devel redhat-upgrade-netavark redhat-upgrade-oci-seccomp-bpf-hook redhat-upgrade-oci-seccomp-bpf-hook-debuginfo redhat-upgrade-oci-seccomp-bpf-hook-debugsource redhat-upgrade-podman redhat-upgrade-podman-catatonit redhat-upgrade-podman-catatonit-debuginfo redhat-upgrade-podman-debuginfo redhat-upgrade-podman-debugsource redhat-upgrade-podman-docker redhat-upgrade-podman-gvproxy redhat-upgrade-podman-gvproxy-debuginfo redhat-upgrade-podman-plugins redhat-upgrade-podman-plugins-debuginfo redhat-upgrade-podman-remote redhat-upgrade-podman-remote-debuginfo redhat-upgrade-podman-tests redhat-upgrade-python3-criu redhat-upgrade-python3-podman redhat-upgrade-rhc-worker-script redhat-upgrade-runc redhat-upgrade-runc-debuginfo redhat-upgrade-runc-debugsource redhat-upgrade-skopeo redhat-upgrade-skopeo-debuginfo redhat-upgrade-skopeo-debugsource redhat-upgrade-skopeo-tests redhat-upgrade-slirp4netns redhat-upgrade-slirp4netns-debuginfo redhat-upgrade-slirp4netns-debugsource redhat-upgrade-toolbox redhat-upgrade-toolbox-debuginfo redhat-upgrade-toolbox-debugsource redhat-upgrade-toolbox-tests redhat-upgrade-udica References CVE-2023-39326 RHSA-2024:0748 RHSA-2024:0887 RHSA-2024:1131 RHSA-2024:1149 RHSA-2024:1244 RHSA-2024:2160 RHSA-2024:2193 RHSA-2024:2245 RHSA-2024:2272 RHSA-2024:2988 View more

SUSE: CVE-2023-6510: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 12/06/2023 Created 01/18/2024 Added 01/17/2024 Modified 01/28/2025 Description Use after free in Media Capture in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium References https://attackerkb.com/topics/cve-2023-6510 CVE - 2023-6510

Amazon Linux AMI: CVE-2023-39326: Security patch for golang (ALAS-2024-1903) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 12/06/2023 Created 01/11/2024 Added 01/09/2024 Modified 01/28/2025 Description A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small. Solution(s) amazon-linux-upgrade-golang References ALAS-2024-1903 CVE-2023-39326

Red Hat: CVE-2023-45285: golang: cmd/go: Protocol Fallback when fetching modules (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 12/06/2023 Created 02/22/2024 Added 02/21/2024 Modified 09/03/2024 Description Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module proxy and are fetching modules directly (i.e. GOPROXY=off). Solution(s) redhat-upgrade-delve redhat-upgrade-delve-debuginfo redhat-upgrade-delve-debugsource redhat-upgrade-go-toolset redhat-upgrade-golang redhat-upgrade-golang-bin redhat-upgrade-golang-docs redhat-upgrade-golang-misc redhat-upgrade-golang-src redhat-upgrade-golang-tests References CVE-2023-45285 RHSA-2024:0887 RHSA-2024:1131

Alma Linux: CVE-2023-39326: Important: container-tools:4.0 security update (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 12/06/2023 Created 02/14/2024 Added 02/13/2024 Modified 01/28/2025 Description A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small. Solution(s) alma-upgrade-aardvark-dns alma-upgrade-buildah alma-upgrade-buildah-tests alma-upgrade-cockpit-podman alma-upgrade-conmon alma-upgrade-container-selinux alma-upgrade-containernetworking-plugins alma-upgrade-containers-common alma-upgrade-crit alma-upgrade-criu alma-upgrade-criu-devel alma-upgrade-criu-libs alma-upgrade-crun alma-upgrade-delve alma-upgrade-fuse-overlayfs alma-upgrade-go-toolset alma-upgrade-golang alma-upgrade-golang-bin alma-upgrade-golang-docs alma-upgrade-golang-misc alma-upgrade-golang-src alma-upgrade-golang-tests alma-upgrade-libslirp alma-upgrade-libslirp-devel alma-upgrade-netavark alma-upgrade-oci-seccomp-bpf-hook alma-upgrade-podman alma-upgrade-podman-catatonit alma-upgrade-podman-docker alma-upgrade-podman-gvproxy alma-upgrade-podman-plugins alma-upgrade-podman-remote alma-upgrade-podman-tests alma-upgrade-python3-criu alma-upgrade-python3-podman alma-upgrade-runc alma-upgrade-skopeo alma-upgrade-skopeo-tests alma-upgrade-slirp4netns alma-upgrade-toolbox alma-upgrade-toolbox-tests alma-upgrade-udica References https://attackerkb.com/topics/cve-2023-39326 CVE - 2023-39326 https://errata.almalinux.org/8/ALSA-2024-0748.html https://errata.almalinux.org/8/ALSA-2024-0887.html https://errata.almalinux.org/9/ALSA-2024-1131.html https://errata.almalinux.org/9/ALSA-2024-1149.html https://errata.almalinux.org/9/ALSA-2024-2160.html https://errata.almalinux.org/9/ALSA-2024-2193.html https://errata.almalinux.org/9/ALSA-2024-2245.html https://errata.almalinux.org/9/ALSA-2024-2272.html View more

Ubuntu: (Multiple Advisories) (CVE-2023-2861): QEMU vulnerabilities Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:N) Published 12/06/2023 Created 01/10/2024 Added 01/09/2024 Modified 01/28/2025 Description A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder. Solution(s) ubuntu-upgrade-qemu ubuntu-upgrade-qemu-system ubuntu-upgrade-qemu-system-arm ubuntu-upgrade-qemu-system-mips ubuntu-upgrade-qemu-system-misc ubuntu-upgrade-qemu-system-ppc ubuntu-upgrade-qemu-system-s390x ubuntu-upgrade-qemu-system-sparc ubuntu-upgrade-qemu-system-x86 ubuntu-upgrade-qemu-system-x86-microvm ubuntu-upgrade-qemu-system-x86-xen ubuntu-upgrade-qemu-system-xen References https://attackerkb.com/topics/cve-2023-2861 CVE - 2023-2861 USN-6567-1 USN-6567-2

Oracle Linux: CVE-2023-6606: ELSA-2024-1248:kernel security update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 12/04/2023 Created 02/27/2024 Added 02/23/2024 Modified 01/23/2025 Description An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. Solution(s) oracle-linux-upgrade-kernel oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2023-6606 CVE - 2023-6606 ELSA-2024-1248 ELSA-2024-12169 ELSA-2024-0897 ELSA-2024-12806

Artifex Ghostscript: (CVE-2023-46751) An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/06/2023 Created 01/31/2024 Added 01/24/2024 Modified 01/28/2025 Description An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. Solution(s) ghostscript-upgrade-10_02_1 References https://attackerkb.com/topics/cve-2023-46751 CVE - 2023-46751

Alma Linux: CVE-2023-45285: Moderate: go-toolset:rhel8 security update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 12/06/2023 Created 02/24/2024 Added 02/23/2024 Modified 01/30/2025 Description Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module proxy and are fetching modules directly (i.e. GOPROXY=off). Solution(s) alma-upgrade-delve alma-upgrade-go-toolset alma-upgrade-golang alma-upgrade-golang-bin alma-upgrade-golang-docs alma-upgrade-golang-misc alma-upgrade-golang-src alma-upgrade-golang-tests References https://attackerkb.com/topics/cve-2023-45285 CVE - 2023-45285 https://errata.almalinux.org/8/ALSA-2024-0887.html https://errata.almalinux.org/9/ALSA-2024-1131.html

Debian: CVE-2023-44446: gst-plugins-bad1.0 -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 12/04/2023 Created 12/05/2023 Added 12/04/2023 Modified 01/28/2025 Description GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22299. Solution(s) debian-upgrade-gst-plugins-bad1-0 References https://attackerkb.com/topics/cve-2023-44446 CVE - 2023-44446 DLA-3673-1 DSA-5565-1

SUSE: CVE-2023-49285: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/04/2023 Created 12/12/2023 Added 12/11/2023 Modified 01/28/2025 Description Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) suse-upgrade-squid References https://attackerkb.com/topics/cve-2023-49285 CVE - 2023-49285

SUSE: CVE-2023-49286: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/04/2023 Created 12/12/2023 Added 12/11/2023 Modified 01/28/2025 Description Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) suse-upgrade-squid References https://attackerkb.com/topics/cve-2023-49286 CVE - 2023-49286

Debian: CVE-2023-49285: squid -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/04/2023 Created 01/16/2024 Added 01/15/2024 Modified 01/28/2025 Description Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) debian-upgrade-squid References https://attackerkb.com/topics/cve-2023-49285 CVE - 2023-49285 DLA-3709-1

Debian: CVE-2023-44429: gst-plugins-bad1.0 -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 12/04/2023 Created 12/05/2023 Added 12/04/2023 Modified 01/28/2025 Description GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of AV1 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22226. Solution(s) debian-upgrade-gst-plugins-bad1-0 References https://attackerkb.com/topics/cve-2023-44429 CVE - 2023-44429 DSA-5565-1