ISHACK AI BOT

SUSE: CVE-2023-5852: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-gn References https://attackerkb.com/topics/cve-2023-5852 CVE - 2023-5852

OS X update for WebKit (CVE-2022-32933) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 11/01/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari private browsing mode. Solution(s) apple-osx-upgrade-12_5 References https://attackerkb.com/topics/cve-2022-32933 CVE - 2022-32933 https://support.apple.com/kb/HT213345

Ubuntu: (CVE-2023-1192): linux vulnerability Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 11/01/2023 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025 Description A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service. Solution(s) ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-15 ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-5-15 ubuntu-upgrade-linux-azure-fde ubuntu-upgrade-linux-azure-fde-5-15 ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-5-15 ubuntu-upgrade-linux-gke ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-gkeop-5-15 ubuntu-upgrade-linux-hwe-5-15 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-ibm-5-15 ubuntu-upgrade-linux-intel-iot-realtime ubuntu-upgrade-linux-intel-iotg ubuntu-upgrade-linux-intel-iotg-5-15 ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-lowlatency ubuntu-upgrade-linux-lowlatency-hwe-5-15 ubuntu-upgrade-linux-nvidia ubuntu-upgrade-linux-oem-6-1 ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-15 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-realtime ubuntu-upgrade-linux-riscv-5-15 ubuntu-upgrade-linux-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-1192 CVE - 2023-1192 https://www.cve.org/CVERecord?id=CVE-2023-1192

Alpine Linux: CVE-2023-46724: Improper Certificate Validation Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/01/2023 Created 03/22/2024 Added 03/26/2024 Modified 10/14/2024 Description Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages. Solution(s) alpine-linux-upgrade-squid References https://attackerkb.com/topics/cve-2023-46724 CVE - 2023-46724 https://security.alpinelinux.org/vuln/CVE-2023-46724

Alpine Linux: CVE-2023-20246: Vulnerability in Snort Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 11/01/2023 Created 03/22/2024 Added 03/21/2024 Modified 03/22/2024 Description Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system. Solution(s) alpine-linux-upgrade-snort References https://attackerkb.com/topics/cve-2023-20246 CVE - 2023-20246 https://security.alpinelinux.org/vuln/CVE-2023-20246

Debian: CVE-2023-1193: linux -- security update Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 11/01/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A use-after-free flaw was found in setup_async_work in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-1193 CVE - 2023-1193

Debian: CVE-2023-45024: request-tracker5 -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 11/01/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description Best Practical Request Tracker (RT) 5 before 5.0.5 allows Information Disclosure via a transaction search in the transaction query builder. Solution(s) debian-upgrade-request-tracker5 References https://attackerkb.com/topics/cve-2023-45024 CVE - 2023-45024 DSA-5541-1

Gentoo Linux: CVE-2023-5853: QtWebEngine: Multiple Vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 11/01/2023 Created 11/28/2023 Added 11/27/2023 Modified 01/28/2025 Description Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) Solution(s) gentoo-linux-upgrade-dev-qt-qtwebengine gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-5853 CVE - 2023-5853 202311-11 202312-07 202401-34

Debian: CVE-2023-1192: linux -- security update Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 11/01/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-1192 CVE - 2023-1192

Alma Linux: CVE-2023-46724: Important: squid:4 security update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/01/2023 Created 01/10/2024 Added 01/09/2024 Modified 01/30/2025 Description Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages. Solution(s) alma-upgrade-libecap alma-upgrade-libecap-devel alma-upgrade-squid References https://attackerkb.com/topics/cve-2023-46724 CVE - 2023-46724 https://errata.almalinux.org/8/ALSA-2024-0046.html https://errata.almalinux.org/9/ALSA-2024-0071.html

Alma Linux: CVE-2023-5178: Important: kernel security and bug fix update (ALSA-2023-7549) Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 11/01/2023 Created 12/05/2023 Added 12/04/2023 Modified 01/28/2025 Description A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-5178 CVE - 2023-5178 https://errata.almalinux.org/8/ALSA-2023-7549.html

OS X update for Safari (CVE-2022-46708) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/01/2023 Created 11/01/2023 Added 11/01/2023 Modified 07/19/2024 Description Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none. Solution(s) apple-osx-upgrade-12_5 References https://attackerkb.com/topics/cve-2022-46708 CVE - 2022-46708 https://support.apple.com/kb/HT213345

Gentoo Linux: CVE-2023-5856: QtWebEngine: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/28/2023 Added 11/27/2023 Modified 01/28/2025 Description Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) gentoo-linux-upgrade-dev-qt-qtwebengine gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-5856 CVE - 2023-5856 202311-11 202312-07 202401-34

Alpine Linux: CVE-2023-5849: Integer Overflow or Wraparound Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) alpine-linux-upgrade-qt5-qtwebengine alpine-linux-upgrade-qt6-qtwebengine References https://attackerkb.com/topics/cve-2023-5849 CVE - 2023-5849 https://security.alpinelinux.org/vuln/CVE-2023-5849

Microsoft Edge Chromium: CVE-2023-5850 Incorrect security UI in Downloads Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 11/01/2023 Created 11/04/2023 Added 11/03/2023 Modified 01/28/2025 Description Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-5850 CVE - 2023-5850 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-5850

SUSE: CVE-2023-5853: SUSE Linux Security Advisory Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 11/01/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-gn References https://attackerkb.com/topics/cve-2023-5853 CVE - 2023-5853

Microsoft Edge Chromium: CVE-2023-5851 Inappropriate implementation in Downloads Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 11/01/2023 Created 11/04/2023 Added 11/03/2023 Modified 01/28/2025 Description Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-5851 CVE - 2023-5851 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-5851

Microsoft Edge Chromium: CVE-2023-5852 Use after free in Printing Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/04/2023 Added 11/03/2023 Modified 01/28/2025 Description Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-5852 CVE - 2023-5852 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-5852

Microsoft Edge Chromium: CVE-2023-5853 Incorrect security UI in Downloads Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 11/01/2023 Created 11/04/2023 Added 11/03/2023 Modified 01/28/2025 Description Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-5853 CVE - 2023-5853 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-5853

Microsoft Edge Chromium: CVE-2023-5854 Use after free in Profiles Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/01/2023 Created 11/04/2023 Added 11/03/2023 Modified 01/28/2025 Description Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-5854 CVE - 2023-5854 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-5854

SUSE: CVE-2023-5480: SUSE Linux Security Advisory Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 11/01/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-gn References https://attackerkb.com/topics/cve-2023-5480 CVE - 2023-5480

Huawei EulerOS: CVE-2023-5178: kernel security update Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 11/01/2023 Created 02/13/2024 Added 02/12/2024 Modified 01/28/2025 Description A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-5178 CVE - 2023-5178 EulerOS-SA-2024-1196

Red Hat: CVE-2023-5178: kernel: use after free in nvmet_tcp_free_crypto in NVMe (Multiple Advisories) Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 11/01/2023 Created 11/23/2023 Added 11/22/2023 Modified 01/28/2025 Description A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-5178 RHSA-2023:7370 RHSA-2023:7379 RHSA-2023:7418 RHSA-2023:7548 RHSA-2023:7549 RHSA-2023:7554 RHSA-2024:0340 RHSA-2024:0378 RHSA-2024:0386 RHSA-2024:0412 RHSA-2024:0431 RHSA-2024:0432 RHSA-2024:0461 RHSA-2024:0554 RHSA-2024:0575 View more

Red Hat: CVE-2023-3972: unsafe handling of temporary files and directories (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/01/2023 Created 11/04/2023 Added 11/03/2023 Modified 01/28/2025 Description A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide). Solution(s) redhat-upgrade-insights-client References CVE-2023-3972 RHSA-2023:6282 RHSA-2023:6283 RHSA-2023:6284 RHSA-2023:6795 RHSA-2023:6796

Cisco FTD: CVE-2023-20070: Cisco Firepower Threat Defense Software Snort 3 Detection Engine Denial of Service Vulnerability Severity 3 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:P) Published 11/01/2023 Created 02/07/2025 Added 01/29/2025 Modified 02/12/2025 Description A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted TLS 1.3 message sequence through an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in a denial of service (DoS) condition. While the Snort detection engine reloads, packets going through the FTD device that are sent to the Snort detection engine will be dropped. The Snort detection engine will restart automatically. No manual intervention is required. Solution(s) cisco-ftd-upgrade-latest References https://attackerkb.com/topics/cve-2023-20070 CVE - 2023-20070 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV cisco-sa-ftd-snort3-uAnUntcV