ISHACK AI BOT

Microsoft Office: CVE-2023-36413: Microsoft Office Security Feature Bypass Vulnerability Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 01/28/2025 Description Microsoft Office: CVE-2023-36413: Microsoft Office Security Feature Bypass Vulnerability Solution(s) microsoft-office_2016-kb5002521 office-click-to-run-upgrade-latest References https://attackerkb.com/topics/cve-2023-36413 CVE - 2023-36413 https://support.microsoft.com/help/5002521

Microsoft Office: CVE-2023-36037: Microsoft Excel Security Feature Bypass Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 01/28/2025 Description Microsoft Office: CVE-2023-36037: Microsoft Excel Security Feature Bypass Vulnerability Solution(s) microsoft-excel_2016-kb5002518 office-click-to-run-upgrade-latest References https://attackerkb.com/topics/cve-2023-36037 CVE - 2023-36037 https://support.microsoft.com/help/5002518

Microsoft Office: CVE-2023-36041: Microsoft Excel Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 01/28/2025 Description Microsoft Office: CVE-2023-36041: Microsoft Excel Remote Code Execution Vulnerability Solution(s) microsoft-excel_2016-kb5002518 office-click-to-run-upgrade-latest References https://attackerkb.com/topics/cve-2023-36041 CVE - 2023-36041 https://support.microsoft.com/help/5002518

Microsoft Office: CVE-2023-36045: Microsoft Office Graphics Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 01/28/2025 Description Microsoft Office: CVE-2023-36045: Microsoft Office Graphics Remote Code Execution Vulnerability Solution(s) office-click-to-run-upgrade-latest References https://attackerkb.com/topics/cve-2023-36045 CVE - 2023-36045

Debian: CVE-2023-23583: intel-microcode -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/14/2023 Created 11/28/2023 Added 11/27/2023 Modified 01/28/2025 Description Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. Solution(s) debian-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2023-23583 CVE - 2023-23583 DSA-5563-1

CentOS Linux: CVE-2023-36049: Moderate: dotnet8.0 security update (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability Solution(s) centos-upgrade-aspnetcore-runtime-6-0 centos-upgrade-aspnetcore-runtime-7-0 centos-upgrade-aspnetcore-runtime-8-0 centos-upgrade-aspnetcore-targeting-pack-6-0 centos-upgrade-aspnetcore-targeting-pack-7-0 centos-upgrade-aspnetcore-targeting-pack-8-0 centos-upgrade-dotnet centos-upgrade-dotnet-apphost-pack-6-0 centos-upgrade-dotnet-apphost-pack-6-0-debuginfo centos-upgrade-dotnet-apphost-pack-7-0 centos-upgrade-dotnet-apphost-pack-7-0-debuginfo centos-upgrade-dotnet-apphost-pack-8-0 centos-upgrade-dotnet-apphost-pack-8-0-debuginfo centos-upgrade-dotnet-host centos-upgrade-dotnet-host-debuginfo centos-upgrade-dotnet-hostfxr-6-0 centos-upgrade-dotnet-hostfxr-6-0-debuginfo centos-upgrade-dotnet-hostfxr-7-0 centos-upgrade-dotnet-hostfxr-7-0-debuginfo centos-upgrade-dotnet-hostfxr-8-0 centos-upgrade-dotnet-hostfxr-8-0-debuginfo centos-upgrade-dotnet-runtime-6-0 centos-upgrade-dotnet-runtime-6-0-debuginfo centos-upgrade-dotnet-runtime-7-0 centos-upgrade-dotnet-runtime-7-0-debuginfo centos-upgrade-dotnet-runtime-8-0 centos-upgrade-dotnet-runtime-8-0-debuginfo centos-upgrade-dotnet-sdk-6-0 centos-upgrade-dotnet-sdk-6-0-debuginfo centos-upgrade-dotnet-sdk-7-0 centos-upgrade-dotnet-sdk-7-0-debuginfo centos-upgrade-dotnet-sdk-8-0 centos-upgrade-dotnet-sdk-8-0-debuginfo centos-upgrade-dotnet-targeting-pack-6-0 centos-upgrade-dotnet-targeting-pack-7-0 centos-upgrade-dotnet-targeting-pack-8-0 centos-upgrade-dotnet-templates-6-0 centos-upgrade-dotnet-templates-7-0 centos-upgrade-dotnet-templates-8-0 centos-upgrade-dotnet6-0-debuginfo centos-upgrade-dotnet6-0-debugsource centos-upgrade-dotnet7-0-debuginfo centos-upgrade-dotnet7-0-debugsource centos-upgrade-dotnet8-0-debuginfo centos-upgrade-dotnet8-0-debugsource centos-upgrade-netstandard-targeting-pack-2-1 References CVE-2023-36049

Microsoft Windows: CVE-2023-36401: Microsoft Remote Registry Service Remote Code Execution Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 09/06/2024 Description Microsoft Remote Registry Service Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5032199 microsoft-windows-windows_10-1607-kb5032197 microsoft-windows-windows_10-1809-kb5032196 microsoft-windows-windows_10-21h2-kb5032189 microsoft-windows-windows_10-22h2-kb5032189 microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2012-kb5032247 microsoft-windows-windows_server_2012_r2-kb5032249 microsoft-windows-windows_server_2016-1607-kb5032197 microsoft-windows-windows_server_2019-1809-kb5032196 microsoft-windows-windows_server_2022-21h2-kb5032198 microsoft-windows-windows_server_2022-22h2-kb5032198 microsoft-windows-windows_server_2022-23h2-kb5032202 msft-kb5032248-06a12477-d077-4fd3-8043-74c85e3d34cc msft-kb5032248-558aba2e-6f78-4637-bcc8-7120eefb8770 msft-kb5032250-2671b498-e9e2-44dc-b130-30770b02e3f4 References https://attackerkb.com/topics/cve-2023-36401 CVE - 2023-36401 https://support.microsoft.com/help/5032189 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032196 https://support.microsoft.com/help/5032197 https://support.microsoft.com/help/5032198 https://support.microsoft.com/help/5032199 https://support.microsoft.com/help/5032202 https://support.microsoft.com/help/5032247 https://support.microsoft.com/help/5032249 View more

Microsoft Windows: CVE-2023-36425: Windows Distributed File System (DFS) Remote Code Execution Vulnerability Severity 8 CVSS (AV:N/AC:M/Au:M/C:C/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 09/06/2024 Description Windows Distributed File System (DFS) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5032199 microsoft-windows-windows_10-1607-kb5032197 microsoft-windows-windows_10-1809-kb5032196 microsoft-windows-windows_10-21h2-kb5032189 microsoft-windows-windows_10-22h2-kb5032189 microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2012-kb5032247 microsoft-windows-windows_server_2012_r2-kb5032249 microsoft-windows-windows_server_2016-1607-kb5032197 microsoft-windows-windows_server_2019-1809-kb5032196 microsoft-windows-windows_server_2022-21h2-kb5032198 microsoft-windows-windows_server_2022-22h2-kb5032198 microsoft-windows-windows_server_2022-23h2-kb5032202 msft-kb5032248-06a12477-d077-4fd3-8043-74c85e3d34cc msft-kb5032248-558aba2e-6f78-4637-bcc8-7120eefb8770 msft-kb5032250-2671b498-e9e2-44dc-b130-30770b02e3f4 References https://attackerkb.com/topics/cve-2023-36425 CVE - 2023-36425 https://support.microsoft.com/help/5032189 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032196 https://support.microsoft.com/help/5032197 https://support.microsoft.com/help/5032198 https://support.microsoft.com/help/5032199 https://support.microsoft.com/help/5032202 https://support.microsoft.com/help/5032247 https://support.microsoft.com/help/5032249 View more

Adobe Acrobat: CVE-2023-44361: Security updates available for Adobe Acrobat and Reader (APSB23-54) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 11/14/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-44361 https://helpx.adobe.com/security/products/acrobat/apsb23-54.html CVE - 2023-44361

Microsoft Windows: CVE-2023-36047: Windows Authentication Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 08/07/2024 Description Windows Authentication Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5032196 microsoft-windows-windows_10-21h2-kb5032189 microsoft-windows-windows_10-22h2-kb5032189 microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2019-1809-kb5032196 microsoft-windows-windows_server_2022-21h2-kb5032198 microsoft-windows-windows_server_2022-22h2-kb5032198 microsoft-windows-windows_server_2022-23h2-kb5032202 References https://attackerkb.com/topics/cve-2023-36047 CVE - 2023-36047 https://support.microsoft.com/help/5032189 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032196 https://support.microsoft.com/help/5032198 https://support.microsoft.com/help/5032202 View more

Adobe Acrobat: CVE-2023-44356: Security updates available for Adobe Acrobat and Reader (APSB23-54) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 11/14/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-44356 https://helpx.adobe.com/security/products/acrobat/apsb23-54.html CVE - 2023-44356

Adobe Acrobat: CVE-2023-44336: Security updates available for Adobe Acrobat and Reader (APSB23-54) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-44336 https://helpx.adobe.com/security/products/acrobat/apsb23-54.html CVE - 2023-44336

Oracle Linux: CVE-2023-44441: ELSA-2024-0675:gimp security update (IMPORTANT) (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 05/22/2024 Added 05/21/2024 Modified 12/05/2024 Description GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DDS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-22093. A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious DDS file, possibly enabling the execution of unauthorized code within the GIMP process. Solution(s) oracle-linux-upgrade-gimp oracle-linux-upgrade-gimp-libs References https://attackerkb.com/topics/cve-2023-44441 CVE - 2023-44441 ELSA-2024-0675

Aruba AOS-10: CVE-2023-45627: Authenticated Denial-of-Service (DoS) Vulnerability in CLI Service Severity 4 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:P) Published 11/14/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description An authenticated Denial-of-Service (DoS) vulnerability exists in the CLI service. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point. Solution(s) aruba-aos-10-cve-2023-45627 References https://attackerkb.com/topics/cve-2023-45627 CVE - 2023-45627 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-017.json

APSB23-52: Security updates available for Adobe ColdFusion | APSB23-52 (CVE-2023-44350) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction. Solution(s) adobe-coldfusion-2021-release-update-12 adobe-coldfusion-2023-release-update-6 References https://attackerkb.com/topics/cve-2023-44350 CVE - 2023-44350 https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html

Aruba AOS-10: CVE-2023-45626: Persistent Authenticated Arbitrary Code Execution across Boot Cycles Severity 7 CVSS (AV:N/AC:L/Au:M/C:N/I:C/A:P) Published 11/14/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description An authenticated vulnerability has been identified allowing an attacker to effectively establish highly privileged persistent arbitrary code execution across boot cycles. Solution(s) aruba-aos-10-cve-2023-45626 References https://attackerkb.com/topics/cve-2023-45626 CVE - 2023-45626 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-017.json

Aruba AOS-10: CVE-2023-45614: Unauthenticated Buffer Overflow Vulnerabilities in CLI Service Accessed by the PAPI Protocol Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Solution(s) aruba-aos-10-cve-2023-45614 References https://attackerkb.com/topics/cve-2023-45614 CVE - 2023-45614 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-017.json

Aruba AOS-10: CVE-2023-45616: Unauthenticated Buffer Overflow Vulnerability in AirWave Client Service Accessed by the PAPI Protocol Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Solution(s) aruba-aos-10-cve-2023-45616 References https://attackerkb.com/topics/cve-2023-45616 CVE - 2023-45616 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-017.json

Aruba AOS-10: CVE-2023-45618: Unauthenticated Arbitrary File Deletion in AirWave Client Service Accessed by the PAPI Protocol Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:C) Published 11/14/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There are arbitrary file deletion vulnerabilities in the AirWave client service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point. Solution(s) aruba-aos-10-cve-2023-45618 References https://attackerkb.com/topics/cve-2023-45618 CVE - 2023-45618 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-017.json

Aruba AOS-10: CVE-2023-45619: Unauthenticated Arbitrary File Deletion in RSSI Service Accessed by the PAPI Protocol Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:C) Published 11/14/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There is an arbitrary file deletion vulnerability in the RSSI service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point. Solution(s) aruba-aos-10-cve-2023-45619 References https://attackerkb.com/topics/cve-2023-45619 CVE - 2023-45619 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-017.json

Aruba AOS-10: CVE-2023-45620: Unauthenticated Denial-of-Service (DoS) Vulnerabilities in CLI Service Accessed via the PAPI Protocol Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/14/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. Solution(s) aruba-aos-10-cve-2023-45620 References https://attackerkb.com/topics/cve-2023-45620 CVE - 2023-45620 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-017.json

Aruba AOS-10: CVE-2023-45622: Unauthenticated Denial-of-Service (DoS) Vulnerabilities in BLE Daemon Service Accessed via the PAPI Protocol Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/14/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the BLE daemon service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. Solution(s) aruba-aos-10-cve-2023-45622 References https://attackerkb.com/topics/cve-2023-45622 CVE - 2023-45622 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-017.json

Aruba AOS-10: CVE-2023-45623: Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Wi-Fi Uplink Service Accessed via the PAPI Protocol Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/14/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Wi-Fi Uplink service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. Solution(s) aruba-aos-10-cve-2023-45623 References https://attackerkb.com/topics/cve-2023-45623 CVE - 2023-45623 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-017.json

APSB23-54:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-44336) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-44336 CVE - 2023-44336 https://helpx.adobe.com/security/products/reader/apsb23-54.html

Oracle Linux: CVE-2023-20592: ELSA-2024-3178:linux-firmware security update (IMPORTANT) (Multiple Advisories) Severity 4 CVSS (AV:L/AC:H/Au:M/C:N/I:C/A:N) Published 11/14/2023 Created 05/29/2024 Added 05/28/2024 Modified 01/07/2025 Description Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity. A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine (VM) memory integrity. Solution(s) oracle-linux-upgrade-iwl1000-firmware oracle-linux-upgrade-iwl100-firmware oracle-linux-upgrade-iwl105-firmware oracle-linux-upgrade-iwl135-firmware oracle-linux-upgrade-iwl2000-firmware oracle-linux-upgrade-iwl2030-firmware oracle-linux-upgrade-iwl3160-firmware oracle-linux-upgrade-iwl3945-firmware oracle-linux-upgrade-iwl4965-firmware oracle-linux-upgrade-iwl5000-firmware oracle-linux-upgrade-iwl5150-firmware oracle-linux-upgrade-iwl6000-firmware oracle-linux-upgrade-iwl6000g2a-firmware oracle-linux-upgrade-iwl6000g2b-firmware oracle-linux-upgrade-iwl6050-firmware oracle-linux-upgrade-iwl7260-firmware oracle-linux-upgrade-iwlax2xx-firmware oracle-linux-upgrade-libertas-sd8686-firmware oracle-linux-upgrade-libertas-sd8787-firmware oracle-linux-upgrade-libertas-usb8388-firmware oracle-linux-upgrade-libertas-usb8388-olpc-firmware oracle-linux-upgrade-linux-firmware oracle-linux-upgrade-linux-firmware-core References https://attackerkb.com/topics/cve-2023-20592 CVE - 2023-20592 ELSA-2024-3178