ISHACK AI BOT

Oracle Linux: CVE-2023-5869: ELSA-2023-7783:postgresql security update (IMPORTANT) (Multiple Advisories) Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 11/09/2023 Created 12/20/2023 Added 12/14/2023 Modified 01/07/2025 Description A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory. Solution(s) oracle-linux-upgrade-pgaudit oracle-linux-upgrade-pg-repack oracle-linux-upgrade-postgres-decoderbufs oracle-linux-upgrade-postgresql oracle-linux-upgrade-postgresql-contrib oracle-linux-upgrade-postgresql-devel oracle-linux-upgrade-postgresql-docs oracle-linux-upgrade-postgresql-libs oracle-linux-upgrade-postgresql-plperl oracle-linux-upgrade-postgresql-plpython oracle-linux-upgrade-postgresql-plpython3 oracle-linux-upgrade-postgresql-pltcl oracle-linux-upgrade-postgresql-private-devel oracle-linux-upgrade-postgresql-private-libs oracle-linux-upgrade-postgresql-server oracle-linux-upgrade-postgresql-server-devel oracle-linux-upgrade-postgresql-static oracle-linux-upgrade-postgresql-test oracle-linux-upgrade-postgresql-test-rpm-macros oracle-linux-upgrade-postgresql-upgrade oracle-linux-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2023-5869 CVE - 2023-5869 ELSA-2023-7783 ELSA-2023-7785 ELSA-2023-7790 ELSA-2023-7884 ELSA-2023-7714 ELSA-2023-7581 ELSA-2023-7784 View more

Huawei EulerOS: CVE-2023-39198: kernel security update Severity 6 CVSS (AV:L/AC:M/Au:M/C:C/I:C/A:C) Published 11/09/2023 Created 02/13/2024 Added 02/12/2024 Modified 01/28/2025 Description A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-39198 CVE - 2023-39198 EulerOS-SA-2024-1196

Oracle Linux: CVE-2023-5868: ELSA-2023-7785:postgresql:15 security update (IMPORTANT) (Multiple Advisories) Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 11/09/2023 Created 12/20/2023 Added 12/14/2023 Modified 01/07/2025 Description A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory. Solution(s) oracle-linux-upgrade-pgaudit oracle-linux-upgrade-pg-repack oracle-linux-upgrade-postgres-decoderbufs oracle-linux-upgrade-postgresql oracle-linux-upgrade-postgresql-contrib oracle-linux-upgrade-postgresql-docs oracle-linux-upgrade-postgresql-plperl oracle-linux-upgrade-postgresql-plpython3 oracle-linux-upgrade-postgresql-pltcl oracle-linux-upgrade-postgresql-private-devel oracle-linux-upgrade-postgresql-private-libs oracle-linux-upgrade-postgresql-server oracle-linux-upgrade-postgresql-server-devel oracle-linux-upgrade-postgresql-static oracle-linux-upgrade-postgresql-test oracle-linux-upgrade-postgresql-test-rpm-macros oracle-linux-upgrade-postgresql-upgrade oracle-linux-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2023-5868 CVE - 2023-5868 ELSA-2023-7785 ELSA-2023-7884 ELSA-2023-7714 ELSA-2023-7581 ELSA-2023-7784

Moodle: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CVE-2023-5547) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 11/09/2023 Created 11/18/2023 Added 11/17/2023 Modified 01/28/2025 Description The course upload preview contained an XSS risk for users uploading unsafe data. Solution(s) moodle-upgrade-3_11_17 moodle-upgrade-3_9_24 moodle-upgrade-4_0_11 moodle-upgrade-4_1_6 moodle-upgrade-4_2_3 References https://attackerkb.com/topics/cve-2023-5547 CVE - 2023-5547 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79455 https://bugzilla.redhat.com/show_bug.cgi?id=2243447 https://moodle.org/mod/forum/discuss.php?d=451588

SUSE: CVE-2023-45283: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 11/09/2023 Created 11/18/2023 Added 11/17/2023 Modified 01/28/2025 Description The filepath package does not recognize paths with a \??\ prefix as special. On Windows, a path beginning with \??\ is a Root Local Device path equivalent to a path beginning with \\?\. Paths with a \??\ prefix may be used to access arbitrary locations on the system. For example, the path \??\c:\x is equivalent to the more common path c:\x. Before fix, Clean could convert a rooted path such as \a\..\??\b into the root local device path \??\b. Clean will now convert this to .\??\b. Similarly, Join(\, ??, b) could convert a seemingly innocent sequence of path elements into the root local device path \??\b. Join will now convert this to \.\??\b. In addition, with fix, IsAbs now correctly reports paths beginning with \??\ as absolute, and VolumeName correctly reports the \??\ prefix as a volume name. UPDATE: Go 1.20.11 and Go 1.21.4 inadvertently changed the definition of the volume name in Windows paths starting with \?, resulting in filepath.Clean(\?\c:) returning \?\c: rather than \?\c:\ (among other effects). The previous behavior has been restored. Solution(s) suse-upgrade-go1-20 suse-upgrade-go1-20-doc suse-upgrade-go1-20-openssl suse-upgrade-go1-20-openssl-doc suse-upgrade-go1-20-openssl-race suse-upgrade-go1-20-race suse-upgrade-go1-21 suse-upgrade-go1-21-doc suse-upgrade-go1-21-openssl suse-upgrade-go1-21-openssl-doc suse-upgrade-go1-21-openssl-race suse-upgrade-go1-21-race References https://attackerkb.com/topics/cve-2023-45283 CVE - 2023-45283

SUSE: CVE-2023-45284: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 11/09/2023 Created 11/18/2023 Added 11/17/2023 Modified 01/28/2025 Description On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as "COM1 ", and reserved names "COM" and "LPT" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports these names as non-local. Solution(s) suse-upgrade-go1-20 suse-upgrade-go1-20-doc suse-upgrade-go1-20-openssl suse-upgrade-go1-20-openssl-doc suse-upgrade-go1-20-openssl-race suse-upgrade-go1-20-race suse-upgrade-go1-21 suse-upgrade-go1-21-doc suse-upgrade-go1-21-openssl suse-upgrade-go1-21-openssl-doc suse-upgrade-go1-21-openssl-race suse-upgrade-go1-21-race References https://attackerkb.com/topics/cve-2023-45284 CVE - 2023-45284

Amazon Linux 2023: CVE-2023-5868: Important priority package update for postgresql15 Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 11/09/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory. Solution(s) amazon-linux-2023-upgrade-postgresql15 amazon-linux-2023-upgrade-postgresql15-contrib amazon-linux-2023-upgrade-postgresql15-contrib-debuginfo amazon-linux-2023-upgrade-postgresql15-debuginfo amazon-linux-2023-upgrade-postgresql15-debugsource amazon-linux-2023-upgrade-postgresql15-docs amazon-linux-2023-upgrade-postgresql15-docs-debuginfo amazon-linux-2023-upgrade-postgresql15-llvmjit amazon-linux-2023-upgrade-postgresql15-llvmjit-debuginfo amazon-linux-2023-upgrade-postgresql15-plperl amazon-linux-2023-upgrade-postgresql15-plperl-debuginfo amazon-linux-2023-upgrade-postgresql15-plpython3 amazon-linux-2023-upgrade-postgresql15-plpython3-debuginfo amazon-linux-2023-upgrade-postgresql15-pltcl amazon-linux-2023-upgrade-postgresql15-pltcl-debuginfo amazon-linux-2023-upgrade-postgresql15-private-devel amazon-linux-2023-upgrade-postgresql15-private-libs amazon-linux-2023-upgrade-postgresql15-private-libs-debuginfo amazon-linux-2023-upgrade-postgresql15-server amazon-linux-2023-upgrade-postgresql15-server-debuginfo amazon-linux-2023-upgrade-postgresql15-server-devel amazon-linux-2023-upgrade-postgresql15-server-devel-debuginfo amazon-linux-2023-upgrade-postgresql15-static amazon-linux-2023-upgrade-postgresql15-test amazon-linux-2023-upgrade-postgresql15-test-debuginfo amazon-linux-2023-upgrade-postgresql15-test-rpm-macros amazon-linux-2023-upgrade-postgresql15-upgrade amazon-linux-2023-upgrade-postgresql15-upgrade-debuginfo amazon-linux-2023-upgrade-postgresql15-upgrade-devel amazon-linux-2023-upgrade-postgresql15-upgrade-devel-debuginfo References https://attackerkb.com/topics/cve-2023-5868 CVE - 2023-5868 https://alas.aws.amazon.com/AL2023/ALAS-2024-464.html

Huawei EulerOS: CVE-2023-39198: kernel security update Severity 6 CVSS (AV:L/AC:M/Au:M/C:C/I:C/A:C) Published 11/09/2023 Created 01/30/2024 Added 01/29/2024 Modified 01/28/2025 Description A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-39198 CVE - 2023-39198 EulerOS-SA-2024-1122

Amazon Linux AMI: CVE-2023-45283: Security patch for golang (ALAS-2024-1903) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 11/09/2023 Created 01/11/2024 Added 01/09/2024 Modified 01/28/2025 Description The filepath package does not recognize paths with a \??\ prefix as special. On Windows, a path beginning with \??\ is a Root Local Device path equivalent to a path beginning with \\?\. Paths with a \??\ prefix may be used to access arbitrary locations on the system. For example, the path \??\c:\x is equivalent to the more common path c:\x. Before fix, Clean could convert a rooted path such as \a\..\??\b into the root local device path \??\b. Clean will now convert this to .\??\b. Similarly, Join(\, ??, b) could convert a seemingly innocent sequence of path elements into the root local device path \??\b. Join will now convert this to \.\??\b. In addition, with fix, IsAbs now correctly reports paths beginning with \??\ as absolute, and VolumeName correctly reports the \??\ prefix as a volume name. UPDATE: Go 1.20.11 and Go 1.21.4 inadvertently changed the definition of the volume name in Windows paths starting with \?, resulting in filepath.Clean(\?\c:) returning \?\c: rather than \?\c:\ (among other effects). The previous behavior has been restored. Solution(s) amazon-linux-upgrade-golang References ALAS-2024-1903 CVE-2023-45283

IBM AIX: python_advisory6 (CVE-2023-45167): Vulnerability in python affects AIX Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 11/07/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/30/2025 Description IBM AIX's 7.3 Python implementation could allow a non-privileged local user to exploit a vulnerability to cause a denial of service.IBM X-Force ID:267965. Solution(s) ibm-aix-python_advisory6 References https://attackerkb.com/topics/cve-2023-45167 CVE - 2023-45167 https://aix.software.ibm.com/aix/efixes/security/python_advisory6.asc

VMware Photon OS: CVE-2023-45284 Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 11/09/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as "COM1 ", and reserved names "COM" and "LPT" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports these names as non-local. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-45284 CVE - 2023-45284

Red Hat: CVE-2023-4641: shadow-utils: possible password leak during passwd(1) change (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 11/07/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory. Solution(s) redhat-upgrade-shadow-utils redhat-upgrade-shadow-utils-debuginfo redhat-upgrade-shadow-utils-debugsource redhat-upgrade-shadow-utils-subid redhat-upgrade-shadow-utils-subid-debuginfo redhat-upgrade-shadow-utils-subid-devel References CVE-2023-4641 RHSA-2023:6632 RHSA-2023:7112 RHSA-2024:0417 RHSA-2024:2577

Huawei EulerOS: CVE-2023-4154: samba security update Severity 7 CVSS (AV:N/AC:L/Au:S/C:C/I:N/A:N) Published 11/07/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/30/2025 Description A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, including sensitive secrets and passwords. Even in a default setup, RODC DC accounts, which should only replicate some passwords, can gain access to all domain secrets, including the vital krbtgt, effectively eliminating the RODC / DC distinction. Furthermore, the vulnerability fails to account for error conditions (fail open), like out-of-memory situations, potentially granting access to secret attributes, even under low-privileged attacker influence. Solution(s) huawei-euleros-2_0_sp11-upgrade-libsmbclient huawei-euleros-2_0_sp11-upgrade-libwbclient huawei-euleros-2_0_sp11-upgrade-samba huawei-euleros-2_0_sp11-upgrade-samba-client huawei-euleros-2_0_sp11-upgrade-samba-common huawei-euleros-2_0_sp11-upgrade-samba-common-tools huawei-euleros-2_0_sp11-upgrade-samba-libs huawei-euleros-2_0_sp11-upgrade-samba-winbind huawei-euleros-2_0_sp11-upgrade-samba-winbind-clients huawei-euleros-2_0_sp11-upgrade-samba-winbind-modules References https://attackerkb.com/topics/cve-2023-4154 CVE - 2023-4154 EulerOS-SA-2023-3286

CentOS Linux: CVE-2023-4641: Low: shadow-utils security and bug fix update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 11/07/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory. Solution(s) centos-upgrade-shadow-utils centos-upgrade-shadow-utils-debuginfo centos-upgrade-shadow-utils-debugsource centos-upgrade-shadow-utils-subid centos-upgrade-shadow-utils-subid-debuginfo References CVE-2023-4641

Debian: CVE-2023-47359: vlc -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 11/07/2023 Created 11/10/2023 Added 11/09/2023 Modified 01/28/2025 Description Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption. Solution(s) debian-upgrade-vlc References https://attackerkb.com/topics/cve-2023-47359 CVE - 2023-47359 DSA-5545-1

SUSE: CVE-2023-46737: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 11/07/2023 Created 12/20/2023 Added 12/19/2023 Modified 01/28/2025 Description Cosign is a sigstore signing tool for OCI containers. Cosign is susceptible to a denial of service by an attacker controlled registry. An attacker who controls a remote registry can return a high number of attestations and/or signatures to Cosign and cause Cosign to enter a long loop resulting in an endless data attack. The root cause is that Cosign loops through all attestations fetched from the remote registry in pkg/cosign.FetchAttestations. The attacker needs to compromise the registry or make a request to a registry they control. When doing so, the attacker must return a high number of attestations in the response to Cosign. The result will be that the attacker can cause Cosign to go into a long or infinite loop that will prevent other users from verifying their data. In Kyvernos case, an attacker whose privileges are limited to making requests to the cluster can make a request with an image reference to their own registry, trigger the infinite loop and deny other users from completing their admission requests. Alternatively, the attacker can obtain control of the registry used by an organization and return a high number of attestations instead the expected number of attestations. The issue can be mitigated rather simply by setting a limit to the limit of attestations that Cosign will loop through. The limit does not need to be high to be within the vast majority of use cases and still prevent the endless data attack. This issue has been patched in version 2.2.1 and users are advised to upgrade. Solution(s) suse-upgrade-cosign References https://attackerkb.com/topics/cve-2023-46737 CVE - 2023-46737

Ubuntu: USN-6783-1 (CVE-2023-47359): VLC vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 11/07/2023 Created 05/28/2024 Added 05/28/2024 Modified 01/28/2025 Description Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption. Solution(s) ubuntu-pro-upgrade-vlc ubuntu-pro-upgrade-vlc-plugin-base References https://attackerkb.com/topics/cve-2023-47359 CVE - 2023-47359 USN-6783-1

Alpine Linux: CVE-2023-4154: Out-of-bounds Write Severity 9 CVSS (AV:N/AC:M/Au:S/C:C/I:C/A:C) Published 11/07/2023 Created 03/22/2024 Added 03/26/2024 Modified 10/14/2024 Description A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, including sensitive secrets and passwords. Even in a default setup, RODC DC accounts, which should only replicate some passwords, can gain access to all domain secrets, including the vital krbtgt, effectively eliminating the RODC / DC distinction. Furthermore, the vulnerability fails to account for error conditions (fail open), like out-of-memory situations, potentially granting access to secret attributes, even under low-privileged attacker influence. Solution(s) alpine-linux-upgrade-samba References https://attackerkb.com/topics/cve-2023-4154 CVE - 2023-4154 https://security.alpinelinux.org/vuln/CVE-2023-4154

Alma Linux: CVE-2023-5090: Important: kernel security and bug fix update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 11/06/2023 Created 07/03/2024 Added 07/03/2024 Modified 01/28/2025 Description A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-64k alma-upgrade-kernel-64k-core alma-upgrade-kernel-64k-debug alma-upgrade-kernel-64k-debug-core alma-upgrade-kernel-64k-debug-devel alma-upgrade-kernel-64k-debug-devel-matched alma-upgrade-kernel-64k-debug-modules alma-upgrade-kernel-64k-debug-modules-core alma-upgrade-kernel-64k-debug-modules-extra alma-upgrade-kernel-64k-devel alma-upgrade-kernel-64k-devel-matched alma-upgrade-kernel-64k-modules alma-upgrade-kernel-64k-modules-core alma-upgrade-kernel-64k-modules-extra alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-core alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-debug-uki-virt alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-core alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-core alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-core alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-uki-virt alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-core alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-libperf alma-upgrade-perf alma-upgrade-python3-perf alma-upgrade-rtla alma-upgrade-rv References https://attackerkb.com/topics/cve-2023-5090 CVE - 2023-5090 https://errata.almalinux.org/8/ALSA-2024-4211.html https://errata.almalinux.org/8/ALSA-2024-4352.html https://errata.almalinux.org/9/ALSA-2024-2758.html

Alma Linux: CVE-2023-4641: Low: shadow-utils security and bug fix update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 11/07/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory. Solution(s) alma-upgrade-shadow-utils alma-upgrade-shadow-utils-subid alma-upgrade-shadow-utils-subid-devel References https://attackerkb.com/topics/cve-2023-4641 CVE - 2023-4641 https://errata.almalinux.org/8/ALSA-2023-7112.html https://errata.almalinux.org/9/ALSA-2023-6632.html

Alma Linux: CVE-2023-40660: Moderate: opensc security update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/06/2023 Created 12/22/2023 Added 12/21/2023 Modified 01/30/2025 Description A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small, permanently connected tokens to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user's awareness. Solution(s) alma-upgrade-opensc References https://attackerkb.com/topics/cve-2023-40660 CVE - 2023-40660 https://errata.almalinux.org/8/ALSA-2023-7876.html https://errata.almalinux.org/9/ALSA-2023-7879.html

Huawei EulerOS: CVE-2023-5678: shim security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 11/06/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/30/2025 Description Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays.Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions.An application calling any of those other functions may similarly be affected.The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the "-pubcheck" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. Solution(s) huawei-euleros-2_0_sp8-upgrade-shim-aa64 References https://attackerkb.com/topics/cve-2023-5678 CVE - 2023-5678 EulerOS-SA-2024-1299

Alma Linux: CVE-2023-4535: Moderate: opensc security update (ALSA-2023-7879) Severity 4 CVSS (AV:L/AC:H/Au:N/C:P/I:P/A:P) Published 11/06/2023 Created 12/28/2023 Added 12/27/2023 Modified 01/30/2025 Description An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's security. Solution(s) alma-upgrade-opensc References https://attackerkb.com/topics/cve-2023-4535 CVE - 2023-4535 https://errata.almalinux.org/9/ALSA-2023-7879.html

Alma Linux: CVE-2023-40661: Moderate: opensc security update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 11/06/2023 Created 12/22/2023 Added 12/21/2023 Modified 01/30/2025 Description Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a custom-crafted USB device or smart card to manipulate responses to APDUs. This manipulation can potentially allow compromise key generation, certificate loading, and other card management operations during enrollment. Solution(s) alma-upgrade-opensc References https://attackerkb.com/topics/cve-2023-40661 CVE - 2023-40661 https://errata.almalinux.org/8/ALSA-2023-7876.html https://errata.almalinux.org/9/ALSA-2023-7879.html

Alma Linux: CVE-2023-42669: Moderate: samba security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 11/06/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/30/2025 Description A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the "rpcecho" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as "rpcecho" runs in the main RPC task. Solution(s) alma-upgrade-ctdb alma-upgrade-libnetapi alma-upgrade-libnetapi-devel alma-upgrade-libsmbclient alma-upgrade-libsmbclient-devel alma-upgrade-libwbclient alma-upgrade-libwbclient-devel alma-upgrade-python3-samba alma-upgrade-python3-samba-dc alma-upgrade-python3-samba-devel alma-upgrade-python3-samba-test alma-upgrade-samba alma-upgrade-samba-client alma-upgrade-samba-client-libs alma-upgrade-samba-common alma-upgrade-samba-common-libs alma-upgrade-samba-common-tools alma-upgrade-samba-dc-libs alma-upgrade-samba-dcerpc alma-upgrade-samba-devel alma-upgrade-samba-krb5-printing alma-upgrade-samba-ldb-ldap-modules alma-upgrade-samba-libs alma-upgrade-samba-pidl alma-upgrade-samba-test alma-upgrade-samba-test-libs alma-upgrade-samba-tools alma-upgrade-samba-usershares alma-upgrade-samba-vfs-iouring alma-upgrade-samba-winbind alma-upgrade-samba-winbind-clients alma-upgrade-samba-winbind-krb5-locator alma-upgrade-samba-winbind-modules alma-upgrade-samba-winexe References https://attackerkb.com/topics/cve-2023-42669 CVE - 2023-42669 https://errata.almalinux.org/8/ALSA-2023-7467.html https://errata.almalinux.org/9/ALSA-2023-6744.html