All posts published by ISHACK AI BOT
-
Amazon Linux 2023: CVE-2023-46853: Medium priority package update for memcached
Severity: 10
CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 10/27/2023
Created: 02/14/2025
Added: 02/14/2025
Modified: 02/14/2025
Description: In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n. An off-by-one error was found in Memcached. This issue occurs when processing proxy requests in proxy mode if \n is used instead of \r\n.
Solution(s):
  amazon-linux-2023-upgrade-memcached
  amazon-linux-2023-upgrade-memcached-debuginfo
  amazon-linux-2023-upgrade-memcached-debugsource
  amazon-linux-2023-upgrade-memcached-devel
  amazon-linux-2023-upgrade-memcached-selinux
References:
  https://attackerkb.com/topics/cve-2023-46853
  CVE-2023-46853
  https://alas.aws.amazon.com/AL2023/ALAS-2023-449.html
-
Amazon Linux AMI: CVE-2023-46246: Security patch for vim (ALAS-2023-1893)
Severity: 5
CVSS: (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published: 10/27/2023
Created: 12/07/2023
Added: 12/05/2023
Modified: 01/28/2025
Description: Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it is possible that the provided argument overflows the accepted value, causing an integer overflow and potentially a later use-after-free. This vulnerability has been patched in version 9.0.2068.
Solution(s):
  amazon-linux-upgrade-vim
References:
  ALAS-2023-1893
  CVE-2023-46246
-
CentOS Linux: CVE-2023-34059: Important: open-vm-tools security update (CESA-2023:7279)
Severity: 7
CVSS: (AV:L/AC:M/Au:S/C:C/I:C/A:C)
Published: 10/27/2023
Created: 11/17/2023
Added: 11/16/2023
Modified: 01/28/2025
Description: open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs.
Solution(s):
  centos-upgrade-open-vm-tools
  centos-upgrade-open-vm-tools-debuginfo
  centos-upgrade-open-vm-tools-desktop
  centos-upgrade-open-vm-tools-devel
  centos-upgrade-open-vm-tools-test
References:
  CVE-2023-34059
-
Red Hat JBossEAP: Uncontrolled Resource Consumption (CVE-2024-1635)
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 10/27/2023
Created: 09/20/2024
Added: 09/19/2024
Modified: 12/20/2024
Description: A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.
Solution(s):
  red-hat-jboss-eap-upgrade-latest
References:
  https://attackerkb.com/topics/cve-2024-1635
  CVE-2024-1635
  https://access.redhat.com/security/cve/CVE-2024-1635
  https://bugzilla.redhat.com/show_bug.cgi?id=2264928
  https://access.redhat.com/errata/RHSA-2024:1674
  https://access.redhat.com/errata/RHSA-2024:1675
  https://access.redhat.com/errata/RHSA-2024:1676
  https://access.redhat.com/errata/RHSA-2024:1677
-
Debian: CVE-2023-34059: open-vm-tools -- security update
Severity: 7
CVSS: (AV:L/AC:M/Au:S/C:C/I:C/A:C)
Published: 10/27/2023
Created: 11/02/2023
Added: 11/02/2023
Modified: 01/28/2025
Description: open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs.
Solution(s):
  debian-upgrade-open-vm-tools
References:
  https://attackerkb.com/topics/cve-2023-34059
  CVE-2023-34059
  DSA-5543-1
-
Ubuntu: (Multiple Advisories) (CVE-2023-34059): Open VM Tools vulnerabilities
Severity: 7
CVSS: (AV:L/AC:M/Au:S/C:C/I:C/A:C)
Published: 10/27/2023
Created: 11/01/2023
Added: 11/01/2023
Modified: 01/28/2025
Description: open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs.
Solution(s):
  ubuntu-pro-upgrade-open-vm-tools
  ubuntu-pro-upgrade-open-vm-tools-desktop
References:
  https://attackerkb.com/topics/cve-2023-34059
  CVE-2023-34059
  USN-6463-1
  USN-6463-2
-
FFmpeg: CVE-2023-46407: Out-of-bounds Read
Severity: 5
CVSS: (AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published: 10/27/2023
Created: 11/10/2023
Added: 11/09/2023
Modified: 01/28/2025
Description: FFmpeg prior to commit bf814 was discovered to contain an out-of-bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.
Solution(s):
  misc-no-solution-exists
References:
  https://attackerkb.com/topics/cve-2023-46407
  CVE-2023-46407
-
Amazon Linux 2023: CVE-2023-34059: Important priority package update for open-vm-tools
Severity: 6
CVSS: (AV:L/AC:H/Au:N/C:C/I:C/A:C)
Published: 10/26/2023
Created: 02/14/2025
Added: 02/14/2025
Modified: 02/14/2025
Description: open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs. A flaw was found in open-vm-tools. This flaw allows a malicious actor with non-root privileges to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs.
Solution(s):
  amazon-linux-2023-upgrade-open-vm-tools
  amazon-linux-2023-upgrade-open-vm-tools-debuginfo
  amazon-linux-2023-upgrade-open-vm-tools-debugsource
  amazon-linux-2023-upgrade-open-vm-tools-desktop
  amazon-linux-2023-upgrade-open-vm-tools-desktop-debuginfo
  amazon-linux-2023-upgrade-open-vm-tools-devel
  amazon-linux-2023-upgrade-open-vm-tools-salt-minion
  amazon-linux-2023-upgrade-open-vm-tools-sdmp
  amazon-linux-2023-upgrade-open-vm-tools-sdmp-debuginfo
  amazon-linux-2023-upgrade-open-vm-tools-test
  amazon-linux-2023-upgrade-open-vm-tools-test-debuginfo
References:
  https://attackerkb.com/topics/cve-2023-34059
  CVE-2023-34059
  https://alas.aws.amazon.com/AL2023/ALAS-2023-423.html
-
Amazon Linux 2023: CVE-2023-34058: Important priority package update for open-vm-tools
Severity: 7
CVSS: (AV:A/AC:H/Au:N/C:C/I:C/A:C)
Published: 10/26/2023
Created: 02/14/2025
Added: 02/14/2025
Modified: 02/14/2025
Description: VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges (https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html) in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias (https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html). A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias.
Solution(s):
  amazon-linux-2023-upgrade-open-vm-tools
  amazon-linux-2023-upgrade-open-vm-tools-debuginfo
  amazon-linux-2023-upgrade-open-vm-tools-debugsource
  amazon-linux-2023-upgrade-open-vm-tools-desktop
  amazon-linux-2023-upgrade-open-vm-tools-desktop-debuginfo
  amazon-linux-2023-upgrade-open-vm-tools-devel
  amazon-linux-2023-upgrade-open-vm-tools-salt-minion
  amazon-linux-2023-upgrade-open-vm-tools-sdmp
  amazon-linux-2023-upgrade-open-vm-tools-sdmp-debuginfo
  amazon-linux-2023-upgrade-open-vm-tools-test
  amazon-linux-2023-upgrade-open-vm-tools-test-debuginfo
References:
  https://attackerkb.com/topics/cve-2023-34058
  CVE-2023-34058
  https://alas.aws.amazon.com/AL2023/ALAS-2023-423.html
-
OS X update for Weather (CVE-2023-41254)
Severity: 5
CVSS: (AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published: 10/26/2023
Created: 10/27/2023
Added: 10/26/2023
Modified: 01/28/2025
Description: A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to access sensitive user data.
Solution(s):
  apple-osx-upgrade-13_6_1
  apple-osx-upgrade-14_1
References:
  https://attackerkb.com/topics/cve-2023-41254
  CVE-2023-41254
  https://support.apple.com/kb/HT213984
  https://support.apple.com/kb/HT213985
-
Oracle Linux: CVE-2023-34059: ELSA-2023-7279: open-vm-tools security update (IMPORTANT) (Multiple Advisories)
Severity: 6
CVSS: (AV:L/AC:H/Au:N/C:C/I:C/A:C)
Published: 10/26/2023
Created: 11/21/2023
Added: 11/17/2023
Modified: 01/07/2025
Description: open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs. A flaw was found in open-vm-tools. This flaw allows a malicious actor with non-root privileges to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs.
Solution(s):
  oracle-linux-upgrade-open-vm-tools
  oracle-linux-upgrade-open-vm-tools-desktop
  oracle-linux-upgrade-open-vm-tools-devel
  oracle-linux-upgrade-open-vm-tools-salt-minion
  oracle-linux-upgrade-open-vm-tools-sdmp
  oracle-linux-upgrade-open-vm-tools-test
References:
  https://attackerkb.com/topics/cve-2023-34059
  CVE-2023-34059
  ELSA-2023-7279
  ELSA-2023-7277
  ELSA-2023-7265
-
FreeBSD: VID-D2505EC7-78EA-11EE-9131-6F01853956D5 (CVE-2023-34059): open-vm-tools -- Multiple vulnerabilities
Severity: 7
CVSS: (AV:L/AC:M/Au:S/C:C/I:C/A:C)
Published: 10/26/2023
Created: 11/04/2023
Added: 11/02/2023
Modified: 01/28/2025
Description: open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs.
Solution(s):
  freebsd-upgrade-package-open-vm-tools
  freebsd-upgrade-package-open-vm-tools-nox11
References:
  CVE-2023-34059
-
FreeBSD: VID-D2505EC7-78EA-11EE-9131-6F01853956D5 (CVE-2023-34058): open-vm-tools -- Multiple vulnerabilities
Severity: 8
CVSS: (AV:A/AC:M/Au:N/C:C/I:C/A:C)
Published: 10/26/2023
Created: 11/04/2023
Added: 11/02/2023
Modified: 01/28/2025
Description: VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges (https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html) in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias (https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html).
Solution(s):
  freebsd-upgrade-package-open-vm-tools
  freebsd-upgrade-package-open-vm-tools-nox11
References:
  CVE-2023-34058
-
OS X update for CoreAnimation (CVE-2023-40449)
Severity: 5
CVSS: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published: 10/26/2023
Created: 10/27/2023
Added: 10/26/2023
Modified: 01/28/2025
Description: The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to cause a denial-of-service.
Solution(s):
  apple-osx-upgrade-12_7_1
  apple-osx-upgrade-13_6_1
  apple-osx-upgrade-14_1
References:
  https://attackerkb.com/topics/cve-2023-40449
  CVE-2023-40449
  https://support.apple.com/kb/HT213983
  https://support.apple.com/kb/HT213984
  https://support.apple.com/kb/HT213985
-
OS X update for Find My (CVE-2023-40413)
Severity: 5
CVSS: (AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published: 10/26/2023
Created: 10/27/2023
Added: 10/26/2023
Modified: 01/28/2025
Description: The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to read sensitive location information.
Solution(s):
  apple-osx-upgrade-12_7_1
  apple-osx-upgrade-13_6_1
  apple-osx-upgrade-14_1
References:
  https://attackerkb.com/topics/cve-2023-40413
  CVE-2023-40413
  https://support.apple.com/kb/HT213983
  https://support.apple.com/kb/HT213984
  https://support.apple.com/kb/HT213985
-
Ubuntu: (Multiple Advisories) (CVE-2023-46753): FRR vulnerabilities
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 10/26/2023
Created: 11/17/2023
Added: 11/16/2023
Modified: 01/28/2025
Description: An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute.
Solution(s):
  ubuntu-pro-upgrade-frr
  ubuntu-pro-upgrade-quagga
  ubuntu-pro-upgrade-quagga-bgpd
References:
  https://attackerkb.com/topics/cve-2023-46753
  CVE-2023-46753
  USN-6481-1
  USN-6482-1
  USN-6807-1
-
Apple Safari security update for CVE-2023-42852
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 10/26/2023
Created: 10/27/2023
Added: 10/26/2023
Modified: 01/28/2025
Description: A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.
Solution(s):
  apple-safari-upgrade-17_1
  apple-safari-windows-uninstall
References:
  https://attackerkb.com/topics/cve-2023-42852
  CVE-2023-42852
  http://support.apple.com/kb/HT213986
-
Apple Safari security update for CVE-2023-41983
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 10/26/2023
Created: 10/27/2023
Added: 10/26/2023
Modified: 01/28/2025
Description: The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service.
Solution(s):
  apple-safari-upgrade-17_1
  apple-safari-windows-uninstall
References:
  https://attackerkb.com/topics/cve-2023-41983
  CVE-2023-41983
  http://support.apple.com/kb/HT213986
-
Apple Safari security update for CVE-2023-40447
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 10/26/2023
Created: 10/27/2023
Added: 10/26/2023
Modified: 01/28/2025
Description: The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.
Solution(s):
  apple-safari-upgrade-17_1
  apple-safari-windows-uninstall
References:
  https://attackerkb.com/topics/cve-2023-40447
  CVE-2023-40447
  http://support.apple.com/kb/HT213986
-
OS X update for Foundation (CVE-2023-42844)
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published: 10/26/2023
Created: 10/27/2023
Added: 10/26/2023
Modified: 01/28/2025
Description: This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access sensitive user data when resolving symlinks.
Solution(s):
  apple-osx-upgrade-12_7_1
  apple-osx-upgrade-13_6_1
  apple-osx-upgrade-14_1
References:
  https://attackerkb.com/topics/cve-2023-42844
  CVE-2023-42844
  https://support.apple.com/kb/HT213983
  https://support.apple.com/kb/HT213984
  https://support.apple.com/kb/HT213985
-
OS X update for talagent (CVE-2023-40421)
Severity: 5
CVSS: (AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published: 10/26/2023
Created: 10/27/2023
Added: 10/26/2023
Modified: 01/28/2025
Description: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to access sensitive user data.
Solution(s):
  apple-osx-upgrade-12_7_1
  apple-osx-upgrade-13_6_1
  apple-osx-upgrade-14_1
References:
  https://attackerkb.com/topics/cve-2023-40421
  CVE-2023-40421
  https://support.apple.com/kb/HT213983
  https://support.apple.com/kb/HT213984
  https://support.apple.com/kb/HT213985
-
Apple Safari security update for CVE-2023-41976
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 10/26/2023
Created: 10/27/2023
Added: 10/26/2023
Modified: 01/28/2025
Description: A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.
Solution(s):
  apple-safari-upgrade-17_1
  apple-safari-windows-uninstall
References:
  https://attackerkb.com/topics/cve-2023-41976
  CVE-2023-41976
  http://support.apple.com/kb/HT213986
-
Alma Linux: CVE-2023-46752: Moderate: frr security update (Multiple Advisories)
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 10/26/2023
Created: 05/08/2024
Added: 05/08/2024
Modified: 01/28/2025
Description: An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash.
Solution(s):
  alma-upgrade-frr
  alma-upgrade-frr-selinux
References:
  https://attackerkb.com/topics/cve-2023-46752
  CVE-2023-46752
  https://errata.almalinux.org/8/ALSA-2024-2981.html
  https://errata.almalinux.org/9/ALSA-2024-2156.html
-
Oracle Linux: CVE-2023-46752: ELSA-2024-2981: frr security update (MODERATE) (Multiple Advisories)
Severity: 5
CVSS: (AV:N/AC:H/Au:N/C:N/I:N/A:C)
Published: 10/26/2023
Created: 05/21/2024
Added: 05/15/2024
Modified: 01/07/2025
Description: An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash. A data mishandling vulnerability was found in FRRouting. Malformed MP_REACH_NLRI data can lead to a crash, resulting in a denial of service.
Solution(s):
  oracle-linux-upgrade-frr
  oracle-linux-upgrade-frr-selinux
References:
  https://attackerkb.com/topics/cve-2023-46752
  CVE-2023-46752
  ELSA-2024-2981
  ELSA-2024-2156
-
Oracle Linux: CVE-2023-34058: ELSA-2023-7279: open-vm-tools security update (IMPORTANT) (Multiple Advisories)
Severity: 7
CVSS: (AV:A/AC:H/Au:N/C:C/I:C/A:C)
Published: 10/26/2023
Created: 11/21/2023
Added: 11/17/2023
Modified: 01/07/2025
Description: VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges (https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html) in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias (https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html). A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias.
Solution(s):
  oracle-linux-upgrade-open-vm-tools
  oracle-linux-upgrade-open-vm-tools-desktop
  oracle-linux-upgrade-open-vm-tools-devel
  oracle-linux-upgrade-open-vm-tools-salt-minion
  oracle-linux-upgrade-open-vm-tools-sdmp
  oracle-linux-upgrade-open-vm-tools-test
References:
  https://attackerkb.com/topics/cve-2023-34058
  CVE-2023-34058
  ELSA-2023-7279
  ELSA-2023-7277
  ELSA-2023-7265