ISHACK AI BOT

Oracle Linux: CVE-2023-46753: ELSA-2024-2981:frr security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 10/26/2023 Created 05/21/2024 Added 05/15/2024 Modified 01/07/2025 Description An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute. A flaw was found in FRRouting. A crash can occur for a crafted BGP UPDATE message without mandatory attributes (for example, one with only an unknown transit attribute). Solution(s) oracle-linux-upgrade-frr oracle-linux-upgrade-frr-selinux References https://attackerkb.com/topics/cve-2023-46753 CVE - 2023-46753 ELSA-2024-2981 ELSA-2024-2156

OS X update for WindowServer (CVE-2023-41975) Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/26/2023 Created 10/27/2023 Added 10/26/2023 Modified 01/28/2025 Description This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access the microphone without the microphone use indicator being shown. Solution(s) apple-osx-upgrade-12_7_1 apple-osx-upgrade-13_6_1 apple-osx-upgrade-14_1 References https://attackerkb.com/topics/cve-2023-41975 CVE - 2023-41975 https://support.apple.com/kb/HT213983 https://support.apple.com/kb/HT213984 https://support.apple.com/kb/HT213985

VMware Photon OS: CVE-2023-46852 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/27/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-46852 CVE - 2023-46852

Red Hat: CVE-2023-34059: open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper (Multiple Advisories) Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 10/27/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs. Solution(s) redhat-upgrade-open-vm-tools redhat-upgrade-open-vm-tools-debuginfo redhat-upgrade-open-vm-tools-debugsource redhat-upgrade-open-vm-tools-desktop redhat-upgrade-open-vm-tools-desktop-debuginfo redhat-upgrade-open-vm-tools-devel redhat-upgrade-open-vm-tools-salt-minion redhat-upgrade-open-vm-tools-sdmp redhat-upgrade-open-vm-tools-sdmp-debuginfo redhat-upgrade-open-vm-tools-test redhat-upgrade-open-vm-tools-test-debuginfo References CVE-2023-34059 RHSA-2023:7263 RHSA-2023:7264 RHSA-2023:7265 RHSA-2023:7267 RHSA-2023:7276 RHSA-2023:7277 RHSA-2023:7279 View more

VMware Photon OS: CVE-2023-34058 Severity 6 CVSS (AV:A/AC:H/Au:S/C:C/I:C/A:C) Published 10/27/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been grantedGuest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privilegedGuest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-34058 CVE - 2023-34058

Ubuntu: (Multiple Advisories) (CVE-2023-46752): FRR vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 10/26/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash. Solution(s) ubuntu-pro-upgrade-frr References https://attackerkb.com/topics/cve-2023-46752 CVE - 2023-46752 USN-6481-1 USN-6807-1

OS X update for ImageIO (CVE-2023-40416) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 10/26/2023 Created 10/27/2023 Added 10/26/2023 Modified 01/28/2025 Description The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. Processing an image may result in disclosure of process memory. Solution(s) apple-osx-upgrade-12_7_1 apple-osx-upgrade-13_6_1 apple-osx-upgrade-14_1 References https://attackerkb.com/topics/cve-2023-40416 CVE - 2023-40416 https://support.apple.com/kb/HT213983 https://support.apple.com/kb/HT213984 https://support.apple.com/kb/HT213985

Red Hat: CVE-2023-46753: frr: crafted BGP UPDATE message leading to a crash (Multiple Advisories) Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 10/26/2023 Created 05/01/2024 Added 05/01/2024 Modified 09/03/2024 Description An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute. Solution(s) redhat-upgrade-frr redhat-upgrade-frr-debuginfo redhat-upgrade-frr-debugsource redhat-upgrade-frr-selinux References CVE-2023-46753 RHSA-2024:2156 RHSA-2024:2981

Red Hat: CVE-2023-46752: frr: mishandled malformed data leading to a crash (Multiple Advisories) Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 10/26/2023 Created 05/01/2024 Added 05/01/2024 Modified 09/03/2024 Description An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash. Solution(s) redhat-upgrade-frr redhat-upgrade-frr-debuginfo redhat-upgrade-frr-debugsource redhat-upgrade-frr-selinux References CVE-2023-46752 RHSA-2024:2156 RHSA-2024:2981

Debian: CVE-2023-46753: frr -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 10/26/2023 Created 04/29/2024 Added 04/29/2024 Modified 01/28/2025 Description An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute. Solution(s) debian-upgrade-frr References https://attackerkb.com/topics/cve-2023-46753 CVE - 2023-46753 DLA-3797-1

OS X update for Sandbox (CVE-2023-40425) Severity 4 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:N) Published 10/26/2023 Created 10/27/2023 Added 10/26/2023 Modified 01/28/2025 Description A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.7.1. An app with root privileges may be able to access private information. Solution(s) apple-osx-upgrade-12_7_1 References https://attackerkb.com/topics/cve-2023-40425 CVE - 2023-40425 https://support.apple.com/kb/HT213983

Ubuntu: USN-6800-1 (CVE-2023-46234): browserify-sign vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 10/26/2023 Created 06/07/2024 Added 06/06/2024 Modified 01/30/2025 Description browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2. Solution(s) ubuntu-pro-upgrade-node-browserify-sign References https://attackerkb.com/topics/cve-2023-46234 CVE - 2023-46234 USN-6800-1

Alma Linux: CVE-2023-46753: Moderate: frr security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 10/26/2023 Created 05/08/2024 Added 05/08/2024 Modified 01/28/2025 Description An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute. Solution(s) alma-upgrade-frr alma-upgrade-frr-selinux References https://attackerkb.com/topics/cve-2023-46753 CVE - 2023-46753 https://errata.almalinux.org/8/ALSA-2024-2981.html https://errata.almalinux.org/9/ALSA-2024-2156.html

Debian: CVE-2023-40475: gst-plugins-bad1.0 -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/26/2023 Created 10/27/2023 Added 10/26/2023 Modified 01/28/2025 Description GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-21661. Solution(s) debian-upgrade-gst-plugins-bad1-0 References https://attackerkb.com/topics/cve-2023-40475 CVE - 2023-40475 DSA-5533-1

Debian: CVE-2023-40476: gst-plugins-bad1.0 -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/26/2023 Created 10/27/2023 Added 10/26/2023 Modified 01/28/2025 Description GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of H265 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-21768. Solution(s) debian-upgrade-gst-plugins-bad1-0 References https://attackerkb.com/topics/cve-2023-40476 CVE - 2023-40476 DSA-5533-1

Debian: CVE-2023-40474: gst-plugins-bad1.0 -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/26/2023 Created 10/27/2023 Added 10/26/2023 Modified 01/28/2025 Description GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-21660. Solution(s) debian-upgrade-gst-plugins-bad1-0 References https://attackerkb.com/topics/cve-2023-40474 CVE - 2023-40474 DSA-5533-1

Debian: CVE-2023-46234: node-browserify-sign -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 10/26/2023 Created 10/31/2023 Added 10/30/2023 Modified 01/30/2025 Description browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2. Solution(s) debian-upgrade-node-browserify-sign References https://attackerkb.com/topics/cve-2023-46234 CVE - 2023-46234 DLA-3635-1

OS X update for Model I/O (CVE-2023-42856) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/26/2023 Created 10/27/2023 Added 10/26/2023 Modified 01/28/2025 Description The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. Processing a file may lead to unexpected app termination or arbitrary code execution. Solution(s) apple-osx-upgrade-12_7_1 apple-osx-upgrade-13_6_1 apple-osx-upgrade-14_1 References https://attackerkb.com/topics/cve-2023-42856 CVE - 2023-42856 https://support.apple.com/kb/HT213983 https://support.apple.com/kb/HT213984 https://support.apple.com/kb/HT213985

Huawei EulerOS: CVE-2023-46316: traceroute security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/25/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines. Solution(s) huawei-euleros-2_0_sp9-upgrade-traceroute References https://attackerkb.com/topics/cve-2023-46316 CVE - 2023-46316 EulerOS-SA-2023-3351

Red Hat: CVE-2023-5730: Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4 (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/25/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2023-5730 RHSA-2023:6162 RHSA-2023:6186 RHSA-2023:6187 RHSA-2023:6188 RHSA-2023:6191 RHSA-2023:6194 RHSA-2023:6195 RHSA-2023:6199 View more

Huawei EulerOS: CVE-2023-4692: grub2 security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/25/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/30/2025 Description An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved. Solution(s) huawei-euleros-2_0_sp9-upgrade-grub2-common huawei-euleros-2_0_sp9-upgrade-grub2-efi-x64 huawei-euleros-2_0_sp9-upgrade-grub2-efi-x64-modules huawei-euleros-2_0_sp9-upgrade-grub2-pc huawei-euleros-2_0_sp9-upgrade-grub2-pc-modules huawei-euleros-2_0_sp9-upgrade-grub2-tools huawei-euleros-2_0_sp9-upgrade-grub2-tools-efi huawei-euleros-2_0_sp9-upgrade-grub2-tools-extra huawei-euleros-2_0_sp9-upgrade-grub2-tools-minimal References https://attackerkb.com/topics/cve-2023-4692 CVE - 2023-4692 EulerOS-SA-2023-3333

Red Hat: CVE-2023-4692: grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code execution (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:M/C:C/I:C/A:C) Published 10/25/2023 Created 05/01/2024 Added 05/01/2024 Modified 09/03/2024 Description An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved. Solution(s) redhat-upgrade-grub2-common redhat-upgrade-grub2-debuginfo redhat-upgrade-grub2-debugsource redhat-upgrade-grub2-efi-aa64-modules redhat-upgrade-grub2-efi-ia32 redhat-upgrade-grub2-efi-ia32-cdboot redhat-upgrade-grub2-efi-ia32-modules redhat-upgrade-grub2-efi-x64 redhat-upgrade-grub2-efi-x64-cdboot redhat-upgrade-grub2-efi-x64-modules redhat-upgrade-grub2-emu-debuginfo redhat-upgrade-grub2-pc redhat-upgrade-grub2-pc-modules redhat-upgrade-grub2-ppc64le-modules redhat-upgrade-grub2-tools redhat-upgrade-grub2-tools-debuginfo redhat-upgrade-grub2-tools-efi redhat-upgrade-grub2-tools-efi-debuginfo redhat-upgrade-grub2-tools-extra redhat-upgrade-grub2-tools-extra-debuginfo redhat-upgrade-grub2-tools-minimal redhat-upgrade-grub2-tools-minimal-debuginfo References CVE-2023-4692 RHSA-2024:2456 RHSA-2024:3184

Red Hat: CVE-2023-42852: webkitgtk: Processing web content may lead to arbitrary code execution (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/25/2023 Created 05/01/2024 Added 05/01/2024 Modified 11/27/2024 Description A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution. Solution(s) redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2023-42852 RHSA-2024:2126 RHSA-2024:2982 RHSA-2024:8492 RHSA-2024:9646

OS X update for Accounts (CVE-2023-42842) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 10/25/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Red Hat: CVE-2023-46316: traceroute: improper command line parsing (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/25/2023 Created 05/01/2024 Added 05/01/2024 Modified 01/31/2025 Description In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines. Solution(s) redhat-upgrade-traceroute redhat-upgrade-traceroute-debuginfo redhat-upgrade-traceroute-debugsource References CVE-2023-46316 RHSA-2024:2483 RHSA-2024:3211 RHSA-2025:0823