ISHACK AI BOT

XnSoft XnView: CVE-2023-46587: Buffer Overflow vulnerability in XnView Classic v.2.51.5 allows a local attacker to execute arbitrary code via a crafted TIF file. Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/27/2023 Created 11/16/2023 Added 11/14/2023 Modified 01/28/2025 Description Buffer Overflow vulnerability in XnView Classic v.2.51.5 allows a local attacker to execute arbitrary code via a crafted TIF file. Solution(s) xnsoft-xnview-upgrade-2_51_7 References https://attackerkb.com/topics/cve-2023-46587 CVE - 2023-46587

Huawei EulerOS: CVE-2023-46246: vim security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/27/2023 Created 01/30/2024 Added 01/29/2024 Modified 01/30/2025 Description Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068. Solution(s) huawei-euleros-2_0_sp11-upgrade-vim-common huawei-euleros-2_0_sp11-upgrade-vim-enhanced huawei-euleros-2_0_sp11-upgrade-vim-filesystem huawei-euleros-2_0_sp11-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-46246 CVE - 2023-46246 EulerOS-SA-2024-1130

VMware Photon OS: CVE-2023-46853 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/27/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-46853 CVE - 2023-46853

VMware Photon OS: CVE-2023-46813 Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 10/27/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-46813 CVE - 2023-46813

Amazon Linux AMI 2: CVE-2023-34059: Security patch for open-vm-tools (ALAS-2023-2329) Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 10/27/2023 Created 11/04/2023 Added 11/03/2023 Modified 01/28/2025 Description open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs. Solution(s) amazon-linux-ami-2-upgrade-open-vm-tools amazon-linux-ami-2-upgrade-open-vm-tools-debuginfo amazon-linux-ami-2-upgrade-open-vm-tools-desktop amazon-linux-ami-2-upgrade-open-vm-tools-devel amazon-linux-ami-2-upgrade-open-vm-tools-salt-minion amazon-linux-ami-2-upgrade-open-vm-tools-sdmp amazon-linux-ami-2-upgrade-open-vm-tools-test References https://attackerkb.com/topics/cve-2023-34059 AL2/ALAS-2023-2329 CVE - 2023-34059

Amazon Linux AMI 2: CVE-2023-46246: Security patch for vim (ALAS-2023-2338) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/27/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/30/2025 Description Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068. Solution(s) amazon-linux-ami-2-upgrade-vim-common amazon-linux-ami-2-upgrade-vim-data amazon-linux-ami-2-upgrade-vim-debuginfo amazon-linux-ami-2-upgrade-vim-enhanced amazon-linux-ami-2-upgrade-vim-filesystem amazon-linux-ami-2-upgrade-vim-minimal amazon-linux-ami-2-upgrade-vim-x11 amazon-linux-ami-2-upgrade-xxd References https://attackerkb.com/topics/cve-2023-46246 AL2/ALAS-2023-2338 CVE - 2023-46246

Red Hat: CVE-2023-34058: open-vm-tools: SAML token signature bypass (Multiple Advisories) Severity 8 CVSS (AV:A/AC:M/Au:N/C:C/I:C/A:C) Published 10/27/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been grantedGuest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privilegedGuest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . Solution(s) redhat-upgrade-open-vm-tools redhat-upgrade-open-vm-tools-debuginfo redhat-upgrade-open-vm-tools-debugsource redhat-upgrade-open-vm-tools-desktop redhat-upgrade-open-vm-tools-desktop-debuginfo redhat-upgrade-open-vm-tools-devel redhat-upgrade-open-vm-tools-salt-minion redhat-upgrade-open-vm-tools-sdmp redhat-upgrade-open-vm-tools-sdmp-debuginfo redhat-upgrade-open-vm-tools-test redhat-upgrade-open-vm-tools-test-debuginfo References CVE-2023-34058 RHSA-2023:7263 RHSA-2023:7264 RHSA-2023:7265 RHSA-2023:7267 RHSA-2023:7276 RHSA-2023:7277 RHSA-2023:7279 View more

Red Hat: CVE-2023-46813: kernel: SEV-ES local priv escalation (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/27/2023 Created 01/27/2024 Added 01/26/2024 Modified 12/05/2024 Description An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-46813 RHSA-2024:0431 RHSA-2024:0432 RHSA-2024:0439 RHSA-2024:0448 RHSA-2024:0461 RHSA-2024:0575 RHSA-2024:0724 RHSA-2024:0881 RHSA-2024:0897 View more

Apache ActiveMQ: CVE-2023-46604: Unbounded deserialization causes ActiveMQ Classic to be vulnerable to a remote code execution (RCE) attack Severity 10 CVSS (AV:N/AC:L/Au:N/C:P/I:C/A:C) Published 10/27/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/20/2025 Description The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue. Solution(s) apache-activemq-upgrade-latest References https://attackerkb.com/topics/cve-2023-46604 CVE - 2023-46604 http://seclists.org/fulldisclosure/2024/Apr/18 https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html https://security.netapp.com/advisory/ntap-20231110-0010/ https://www.openwall.com/lists/oss-security/2023/10/27/5 View more

Debian: CVE-2023-46604: activemq -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/27/2023 Created 11/28/2023 Added 11/27/2023 Modified 01/28/2025 Description The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue. Solution(s) debian-upgrade-activemq References https://attackerkb.com/topics/cve-2023-46604 CVE - 2023-46604 DLA-3657-1

Ubuntu: USN-6476-1 (CVE-2023-46852): Memcached vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/27/2023 Created 11/15/2023 Added 11/14/2023 Modified 01/30/2025 Description In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring. Solution(s) ubuntu-upgrade-memcached References https://attackerkb.com/topics/cve-2023-46852 CVE - 2023-46852 USN-6476-1

Ubuntu: USN-6476-1 (CVE-2023-46853): Memcached vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/27/2023 Created 11/15/2023 Added 11/14/2023 Modified 01/28/2025 Description In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n. Solution(s) ubuntu-upgrade-memcached References https://attackerkb.com/topics/cve-2023-46853 CVE - 2023-46853 USN-6476-1

Apache ActiveMQ Unauthenticated Remote Code Execution Disclosed 10/27/2023 Created 11/06/2023 Description This module exploits a deserialization vulnerability in the OpenWire transport unmarshaller in Apache ActiveMQ. Affected versions include 5.18.0 through to 5.18.2, 5.17.0 through to 5.17.5, 5.16.0 through to 5.16.6, and all versions before 5.15.16. Author(s) X1r0z sfewer-r7 Platform Linux,Unix,Windows Architectures cmd Development Source Code History

Alpine Linux: CVE-2023-46246: Integer Overflow or Wraparound Severity 2 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:P) Published 10/27/2023 Created 03/22/2024 Added 03/21/2024 Modified 03/22/2024 Description Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068. Solution(s) alpine-linux-upgrade-vim References https://attackerkb.com/topics/cve-2023-46246 CVE - 2023-46246 https://security.alpinelinux.org/vuln/CVE-2023-46246

SUSE: CVE-2023-34058: SUSE Linux Security Advisory Severity 8 CVSS (AV:A/AC:M/Au:N/C:C/I:C/A:C) Published 10/27/2023 Created 10/31/2023 Added 10/30/2023 Modified 01/28/2025 Description VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been grantedGuest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privilegedGuest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . Solution(s) suse-upgrade-libvmtools-devel suse-upgrade-libvmtools0 suse-upgrade-open-vm-tools suse-upgrade-open-vm-tools-containerinfo suse-upgrade-open-vm-tools-desktop suse-upgrade-open-vm-tools-salt-minion suse-upgrade-open-vm-tools-sdmp References https://attackerkb.com/topics/cve-2023-34058 CVE - 2023-34058

Alpine Linux: CVE-2023-46852: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/27/2023 Created 03/22/2024 Added 03/21/2024 Modified 03/22/2024 Description In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring. Solution(s) alpine-linux-upgrade-memcached References https://attackerkb.com/topics/cve-2023-46852 CVE - 2023-46852 https://security.alpinelinux.org/vuln/CVE-2023-46852

Rocky Linux: CVE-2023-34059: open-vm-tools (RLSA-2023-7265) Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 10/27/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs. Solution(s) rocky-upgrade-open-vm-tools rocky-upgrade-open-vm-tools-debuginfo rocky-upgrade-open-vm-tools-debugsource rocky-upgrade-open-vm-tools-desktop rocky-upgrade-open-vm-tools-desktop-debuginfo rocky-upgrade-open-vm-tools-salt-minion rocky-upgrade-open-vm-tools-sdmp rocky-upgrade-open-vm-tools-sdmp-debuginfo References https://attackerkb.com/topics/cve-2023-34059 CVE - 2023-34059 https://errata.rockylinux.org/RLSA-2023:7265

SUSE: CVE-2023-46813: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 10/27/2023 Created 11/04/2023 Added 11/03/2023 Modified 01/28/2025 Description An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2023-46813 CVE - 2023-46813

Rocky Linux: CVE-2023-34058: open-vm-tools (RLSA-2023-7265) Severity 8 CVSS (AV:A/AC:M/Au:N/C:C/I:C/A:C) Published 10/27/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been grantedGuest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privilegedGuest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . Solution(s) rocky-upgrade-open-vm-tools rocky-upgrade-open-vm-tools-debuginfo rocky-upgrade-open-vm-tools-debugsource rocky-upgrade-open-vm-tools-desktop rocky-upgrade-open-vm-tools-desktop-debuginfo rocky-upgrade-open-vm-tools-salt-minion rocky-upgrade-open-vm-tools-sdmp rocky-upgrade-open-vm-tools-sdmp-debuginfo References https://attackerkb.com/topics/cve-2023-34058 CVE - 2023-34058 https://errata.rockylinux.org/RLSA-2023:7265

VMware Photon OS: CVE-2023-46246 Severity 2 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:P) Published 10/27/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-46246 CVE - 2023-46246

Amazon Linux 2023: CVE-2023-46246: Medium priority package update for vim Severity 2 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:P) Published 10/27/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068. Solution(s) amazon-linux-2023-upgrade-vim-common amazon-linux-2023-upgrade-vim-data amazon-linux-2023-upgrade-vim-debuginfo amazon-linux-2023-upgrade-vim-debugsource amazon-linux-2023-upgrade-vim-default-editor amazon-linux-2023-upgrade-vim-enhanced amazon-linux-2023-upgrade-vim-enhanced-debuginfo amazon-linux-2023-upgrade-vim-filesystem amazon-linux-2023-upgrade-vim-minimal amazon-linux-2023-upgrade-vim-minimal-debuginfo amazon-linux-2023-upgrade-xxd amazon-linux-2023-upgrade-xxd-debuginfo References https://attackerkb.com/topics/cve-2023-46246 CVE - 2023-46246 https://alas.aws.amazon.com/AL2023/ALAS-2023-431.html

Ubuntu: (Multiple Advisories) (CVE-2023-34058): Open VM Tools vulnerabilities Severity 8 CVSS (AV:A/AC:M/Au:N/C:C/I:C/A:C) Published 10/27/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been grantedGuest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privilegedGuest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . Solution(s) ubuntu-pro-upgrade-open-vm-tools ubuntu-pro-upgrade-open-vm-tools-desktop References https://attackerkb.com/topics/cve-2023-34058 CVE - 2023-34058 USN-6463-1 USN-6463-2

Alpine Linux: CVE-2023-46490: SQL Injection Severity 7 CVSS (AV:N/AC:L/Au:S/C:C/I:N/A:N) Published 10/27/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the form_actions() function in the managers.php function. Solution(s) alpine-linux-upgrade-cacti References https://attackerkb.com/topics/cve-2023-46490 CVE - 2023-46490 https://security.alpinelinux.org/vuln/CVE-2023-46490

Alma Linux: CVE-2023-34059: Important: open-vm-tools security update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 10/27/2023 Created 11/18/2023 Added 11/17/2023 Modified 01/28/2025 Description open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs. Solution(s) alma-upgrade-open-vm-tools alma-upgrade-open-vm-tools-desktop alma-upgrade-open-vm-tools-salt-minion alma-upgrade-open-vm-tools-sdmp alma-upgrade-open-vm-tools-test References https://attackerkb.com/topics/cve-2023-34059 CVE - 2023-34059 https://errata.almalinux.org/8/ALSA-2023-7265.html https://errata.almalinux.org/9/ALSA-2023-7277.html

Ubuntu: (Multiple Advisories) (CVE-2023-46813): Linux kernel (OEM) vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 10/27/2023 Created 12/07/2023 Added 12/06/2023 Modified 01/28/2025 Description An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1036-gkeop ubuntu-upgrade-linux-image-5-15-0-1044-nvidia ubuntu-upgrade-linux-image-5-15-0-1044-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1046-ibm ubuntu-upgrade-linux-image-5-15-0-1046-raspi ubuntu-upgrade-linux-image-5-15-0-1047-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1048-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1050-gke ubuntu-upgrade-linux-image-5-15-0-1050-kvm ubuntu-upgrade-linux-image-5-15-0-1051-gcp ubuntu-upgrade-linux-image-5-15-0-1051-oracle ubuntu-upgrade-linux-image-5-15-0-1053-aws ubuntu-upgrade-linux-image-5-15-0-1056-azure ubuntu-upgrade-linux-image-5-15-0-1056-azure-fde ubuntu-upgrade-linux-image-5-15-0-94-generic ubuntu-upgrade-linux-image-5-15-0-94-generic-64k ubuntu-upgrade-linux-image-5-15-0-94-generic-lpae ubuntu-upgrade-linux-image-5-15-0-94-lowlatency ubuntu-upgrade-linux-image-5-15-0-94-lowlatency-64k ubuntu-upgrade-linux-image-6-1-0-1027-oem ubuntu-upgrade-linux-image-6-5-0-1007-starfive ubuntu-upgrade-linux-image-6-5-0-1009-laptop ubuntu-upgrade-linux-image-6-5-0-1010-raspi ubuntu-upgrade-linux-image-6-5-0-1013-aws ubuntu-upgrade-linux-image-6-5-0-1013-gcp ubuntu-upgrade-linux-image-6-5-0-1014-oem ubuntu-upgrade-linux-image-6-5-0-1015-azure ubuntu-upgrade-linux-image-6-5-0-1015-azure-fde ubuntu-upgrade-linux-image-6-5-0-1015-oracle ubuntu-upgrade-linux-image-6-5-0-17-generic ubuntu-upgrade-linux-image-6-5-0-17-generic-64k ubuntu-upgrade-linux-image-6-5-0-17-lowlatency ubuntu-upgrade-linux-image-6-5-0-17-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-laptop-23-10 ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-starfive ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 References https://attackerkb.com/topics/cve-2023-46813 CVE - 2023-46813 USN-6533-1 USN-6624-1 USN-6626-1 USN-6626-2 USN-6626-3 USN-6628-1 USN-6628-2 USN-6652-1 View more