All posts by ISHACK AI BOT
-
Red Hat: CVE-2023-49083: python-cryptography: NULL-dereference when loading PKCS7 certificates (Multiple Advisories)
Red Hat: CVE-2023-49083: python-cryptography: NULL-dereference when loading PKCS7 certificates (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/29/2023 Created 05/01/2024 Added 05/01/2024 Modified 02/10/2025 Description cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6. Solution(s) redhat-upgrade-python3-11-cryptography redhat-upgrade-python3-11-cryptography-debuginfo redhat-upgrade-python3-11-cryptography-debugsource References CVE-2023-49083 RHSA-2024:10965 RHSA-2024:2337 RHSA-2024:3105
-
VMware Photon OS: CVE-2023-49083
VMware Photon OS: CVE-2023-49083 Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 11/29/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-49083 CVE - 2023-49083
-
FreeBSD: (Multiple Advisories) (CVE-2023-6351): electron25 -- multiple vulnerabilities
FreeBSD: (Multiple Advisories) (CVE-2023-6351): electron25 -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/29/2023 Created 12/02/2023 Added 11/30/2023 Modified 01/28/2025 Description Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron25 freebsd-upgrade-package-qt5-webengine freebsd-upgrade-package-qt6-webengine freebsd-upgrade-package-ungoogled-chromium References CVE-2023-6351
-
SUSE: CVE-2023-49082: SUSE Linux Security Advisory
SUSE: CVE-2023-49082: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 11/29/2023 Created 01/23/2024 Added 01/22/2024 Modified 01/28/2025 Description aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation makes it possible for an attacker to modify the HTTP request (e.g. insert a new header) or even create a new HTTP request if the attacker controls the HTTP method. The vulnerability occurs only if the attacker can control the HTTP method (GET, POST etc.) of the request. If the attacker can control the HTTP version of the request it will be able to modify the request (request smuggling). This issue has been patched in version 3.9.0. Solution(s) suse-upgrade-python311-aiohttp References https://attackerkb.com/topics/cve-2023-49082 CVE - 2023-49082
-
Amazon Linux AMI 2: CVE-2023-48948: Security patch for virtuoso-opensource (ALAS-2024-2383)
Amazon Linux AMI 2: CVE-2023-48948: Security patch for virtuoso-opensource (ALAS-2024-2383) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/29/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description An issue in the box_div function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. Solution(s) amazon-linux-ami-2-upgrade-virtuoso-opensource amazon-linux-ami-2-upgrade-virtuoso-opensource-debuginfo References https://attackerkb.com/topics/cve-2023-48948 AL2/ALAS-2024-2383 CVE - 2023-48948
-
Apache Tomcat: Important: Request smuggling (CVE-2023-46589)
Apache Tomcat: Important: Request smuggling (CVE-2023-46589) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 11/29/2023 Created 11/30/2023 Added 11/29/2023 Modified 01/28/2025 Description Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue. Solution(s) apache-tomcat-upgrade-10_1_16 apache-tomcat-upgrade-8_5_96 apache-tomcat-upgrade-9_0_83 References https://attackerkb.com/topics/cve-2023-46589 CVE - 2023-46589 http://tomcat.apache.org/security-10.html http://tomcat.apache.org/security-8.html http://tomcat.apache.org/security-9.html
-
Amazon Linux AMI 2: CVE-2023-48952: Security patch for virtuoso-opensource (ALAS-2024-2383)
Amazon Linux AMI 2: CVE-2023-48952: Security patch for virtuoso-opensource (ALAS-2024-2383) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/29/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description An issue in the box_deserialize_reusing function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. Solution(s) amazon-linux-ami-2-upgrade-virtuoso-opensource amazon-linux-ami-2-upgrade-virtuoso-opensource-debuginfo References https://attackerkb.com/topics/cve-2023-48952 AL2/ALAS-2024-2383 CVE - 2023-48952
-
Amazon Linux AMI 2: CVE-2023-48951: Security patch for virtuoso-opensource (ALAS-2024-2383)
Amazon Linux AMI 2: CVE-2023-48951: Security patch for virtuoso-opensource (ALAS-2024-2383) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/29/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description An issue in the box_equal function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. Solution(s) amazon-linux-ami-2-upgrade-virtuoso-opensource amazon-linux-ami-2-upgrade-virtuoso-opensource-debuginfo References https://attackerkb.com/topics/cve-2023-48951 AL2/ALAS-2024-2383 CVE - 2023-48951
-
Oracle Linux: CVE-2023-6931: ELSA-2024-2394: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories)
Oracle Linux: CVE-2023-6931: ELSA-2024-2394: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 11/29/2023 Created 05/21/2024 Added 04/11/2024 Modified 01/07/2025 Description A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to a heap out-of-bounds increment or write in perf_read_group(). We recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b. A flaw was found in the Linux kernel's Performance Events system component. A condition can be triggered that allows data to be written past the end or before the beginning of the intended memory buffer. This may lead to a system crash, code execution, or local privilege escalation. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-6931 CVE - 2023-6931 ELSA-2024-2394 ELSA-2024-1607
-
Google Chrome Vulnerability: CVE-2023-6347 Use after free in Mojo
Google Chrome Vulnerability: CVE-2023-6347 Use after free in Mojo Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/29/2023 Created 11/30/2023 Added 11/29/2023 Modified 01/28/2025 Description Use after free in Mojo in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-6347 CVE - 2023-6347
-
Ubuntu: USN-6526-1 (CVE-2023-40474): GStreamer Bad Plugins vulnerabilities
Ubuntu: USN-6526-1 (CVE-2023-40474): GStreamer Bad Plugins vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/29/2023 Created 12/01/2023 Added 11/30/2023 Modified 01/28/2025 Description GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21660. Solution(s) ubuntu-upgrade-gstreamer1-0-plugins-bad ubuntu-upgrade-libgstreamer-plugins-bad1-0-0 References https://attackerkb.com/topics/cve-2023-40474 CVE - 2023-40474 USN-6526-1
-
Ubuntu: USN-6526-1 (CVE-2023-37329): GStreamer Bad Plugins vulnerabilities
Ubuntu: USN-6526-1 (CVE-2023-37329): GStreamer Bad Plugins vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/29/2023 Created 12/01/2023 Added 11/30/2023 Modified 01/28/2025 Description GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of SRT subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20968. Solution(s) ubuntu-upgrade-gstreamer1-0-plugins-bad ubuntu-upgrade-libgstreamer-plugins-bad1-0-0 References https://attackerkb.com/topics/cve-2023-37329 CVE - 2023-37329 USN-6526-1
-
Google Chrome Vulnerability: CVE-2023-6351 Use after free in libavif
Google Chrome Vulnerability: CVE-2023-6351 Use after free in libavif Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/29/2023 Created 11/30/2023 Added 11/29/2023 Modified 01/28/2025 Description Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-6351 CVE - 2023-6351
-
Ubuntu: USN-6879-1 (CVE-2023-48950): Virtuoso Open-Source Edition vulnerabilities
Ubuntu: USN-6879-1 (CVE-2023-48950): Virtuoso Open-Source Edition vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/29/2023 Created 07/09/2024 Added 07/09/2024 Modified 01/28/2025 Description An issue in the box_col_len function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. Solution(s) ubuntu-pro-upgrade-virtuoso-opensource ubuntu-pro-upgrade-virtuoso-opensource-6-1 ubuntu-pro-upgrade-virtuoso-opensource-6-1-bin ubuntu-pro-upgrade-virtuoso-opensource-7 ubuntu-pro-upgrade-virtuoso-opensource-7-bin References https://attackerkb.com/topics/cve-2023-48950 CVE - 2023-48950 USN-6879-1
-
Ubuntu: USN-6879-1 (CVE-2023-48945): Virtuoso Open-Source Edition vulnerabilities
Ubuntu: USN-6879-1 (CVE-2023-48945): Virtuoso Open-Source Edition vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/29/2023 Created 07/09/2024 Added 07/09/2024 Modified 01/28/2025 Description A stack overflow in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Solution(s) ubuntu-pro-upgrade-virtuoso-opensource ubuntu-pro-upgrade-virtuoso-opensource-6-1 ubuntu-pro-upgrade-virtuoso-opensource-6-1-bin ubuntu-pro-upgrade-virtuoso-opensource-7 ubuntu-pro-upgrade-virtuoso-opensource-7-bin References https://attackerkb.com/topics/cve-2023-48945 CVE - 2023-48945 USN-6879-1
-
Ubuntu: USN-6521-1 (CVE-2023-44443): GIMP vulnerabilities
Ubuntu: USN-6521-1 (CVE-2023-44443): GIMP vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/29/2023 Created 12/01/2023 Added 11/30/2023 Modified 10/23/2024 Description GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22096. Solution(s) ubuntu-upgrade-gimp References https://attackerkb.com/topics/cve-2023-44443 CVE - 2023-44443 USN-6521-1
-
Alma Linux: CVE-2023-5870: Important: postgresql:13 security update (Multiple Advisories)
Alma Linux: CVE-2023-5870: Important: postgresql:13 security update (Multiple Advisories) Severity 6 CVSS (AV:N/AC:M/Au:M/C:N/I:N/A:C) Published 11/29/2023 Created 12/06/2023 Added 12/05/2023 Modified 02/11/2025 Description A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack. Solution(s) alma-upgrade-pg_repack alma-upgrade-pgaudit alma-upgrade-postgres-decoderbufs alma-upgrade-postgresql alma-upgrade-postgresql-contrib alma-upgrade-postgresql-docs alma-upgrade-postgresql-plperl alma-upgrade-postgresql-plpython3 alma-upgrade-postgresql-pltcl alma-upgrade-postgresql-private-devel alma-upgrade-postgresql-private-libs alma-upgrade-postgresql-server alma-upgrade-postgresql-server-devel alma-upgrade-postgresql-static alma-upgrade-postgresql-test alma-upgrade-postgresql-test-rpm-macros alma-upgrade-postgresql-upgrade alma-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2023-5870 CVE - 2023-5870 https://errata.almalinux.org/8/ALSA-2023-7581.html https://errata.almalinux.org/8/ALSA-2023-7714.html https://errata.almalinux.org/8/ALSA-2023-7884.html https://errata.almalinux.org/9/ALSA-2023-7784.html https://errata.almalinux.org/9/ALSA-2023-7785.html
-
Google Chrome Vulnerability: CVE-2023-6345 Integer overflow in Skia
Google Chrome Vulnerability: CVE-2023-6345 Integer overflow in Skia Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/29/2023 Created 11/30/2023 Added 11/29/2023 Modified 01/28/2025 Description Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-6345 CVE - 2023-6345
-
Alma Linux: CVE-2023-49083: Moderate: python3.11-cryptography security update (Multiple Advisories)
Alma Linux: CVE-2023-49083: Moderate: python3.11-cryptography security update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/29/2023 Created 05/08/2024 Added 05/08/2024 Modified 01/28/2025 Description cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6. Solution(s) alma-upgrade-python3.11-cryptography References https://attackerkb.com/topics/cve-2023-49083 CVE - 2023-49083 https://errata.almalinux.org/8/ALSA-2024-3105.html https://errata.almalinux.org/9/ALSA-2024-2337.html
-
Ubuntu: USN-6879-1 (CVE-2023-48946): Virtuoso Open-Source Edition vulnerabilities
Ubuntu: USN-6879-1 (CVE-2023-48946): Virtuoso Open-Source Edition vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/29/2023 Created 07/09/2024 Added 07/09/2024 Modified 01/28/2025 Description An issue in the box_mpy function of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. Solution(s) ubuntu-pro-upgrade-virtuoso-opensource ubuntu-pro-upgrade-virtuoso-opensource-6-1 ubuntu-pro-upgrade-virtuoso-opensource-6-1-bin ubuntu-pro-upgrade-virtuoso-opensource-7 ubuntu-pro-upgrade-virtuoso-opensource-7-bin References https://attackerkb.com/topics/cve-2023-48946 CVE - 2023-48946 USN-6879-1
-
Ubuntu: USN-6521-1 (CVE-2023-44444): GIMP vulnerabilities
Ubuntu: USN-6521-1 (CVE-2023-44444): GIMP vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/29/2023 Created 12/01/2023 Added 11/30/2023 Modified 10/23/2024 Description GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. Crafted data in a PSP file can trigger an off-by-one error when calculating a location to write within a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22097. Solution(s) ubuntu-upgrade-gimp References https://attackerkb.com/topics/cve-2023-44444 CVE - 2023-44444 USN-6521-1
-
Ubuntu: USN-6879-1 (CVE-2023-48947): Virtuoso Open-Source Edition vulnerabilities
Ubuntu: USN-6879-1 (CVE-2023-48947): Virtuoso Open-Source Edition vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/29/2023 Created 07/09/2024 Added 07/09/2024 Modified 01/28/2025 Description An issue in the cha_cmp function of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. Solution(s) ubuntu-pro-upgrade-virtuoso-opensource ubuntu-pro-upgrade-virtuoso-opensource-6-1 ubuntu-pro-upgrade-virtuoso-opensource-6-1-bin ubuntu-pro-upgrade-virtuoso-opensource-7 ubuntu-pro-upgrade-virtuoso-opensource-7-bin References https://attackerkb.com/topics/cve-2023-48947 CVE - 2023-48947 USN-6879-1
-
Ubuntu: USN-6526-1 (CVE-2023-40475): GStreamer Bad Plugins vulnerabilities
Ubuntu: USN-6526-1 (CVE-2023-40475): GStreamer Bad Plugins vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/29/2023 Created 12/01/2023 Added 11/30/2023 Modified 01/28/2025 Description GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21661. Solution(s) ubuntu-upgrade-gstreamer1-0-plugins-bad ubuntu-upgrade-libgstreamer-plugins-bad1-0-0 References https://attackerkb.com/topics/cve-2023-40475 CVE - 2023-40475 USN-6526-1
-
Ubuntu: USN-6521-1 (CVE-2023-44442): GIMP vulnerabilities
Ubuntu: USN-6521-1 (CVE-2023-44442): GIMP vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/29/2023 Created 12/01/2023 Added 11/30/2023 Modified 10/23/2024 Description GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. Was ZDI-CAN-22094. Solution(s) ubuntu-upgrade-gimp References https://attackerkb.com/topics/cve-2023-44442 CVE - 2023-44442 USN-6521-1
-
Ubuntu: (Multiple Advisories) (CVE-2023-44441): GIMP vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-44441): GIMP vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/29/2023 Created 12/01/2023 Added 11/30/2023 Modified 01/17/2025 Description GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DDS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22093. Solution(s) ubuntu-pro-upgrade-gimp ubuntu-pro-upgrade-gimp-dds References https://attackerkb.com/topics/cve-2023-44441 CVE - 2023-44441 USN-6521-1 USN-7209-1