All posts by ISHACK AI BOT
-
Huawei EulerOS: CVE-2023-45802: httpd security update
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 10/23/2023
Created: 03/14/2024
Added: 03/13/2024
Modified: 01/30/2025
Description: When an HTTP/2 stream was reset (RST frame) by a client, there was a time window where the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue.
Solution(s):
  huawei-euleros-2_0_sp8-upgrade-httpd
  huawei-euleros-2_0_sp8-upgrade-httpd-devel
  huawei-euleros-2_0_sp8-upgrade-httpd-filesystem
  huawei-euleros-2_0_sp8-upgrade-httpd-manual
  huawei-euleros-2_0_sp8-upgrade-httpd-tools
  huawei-euleros-2_0_sp8-upgrade-mod_session
  huawei-euleros-2_0_sp8-upgrade-mod_ssl
References:
  https://attackerkb.com/topics/cve-2023-45802
  CVE - 2023-45802
  EulerOS-SA-2024-1273
-
Ubuntu: USN-6506-1 (CVE-2023-43622): Apache HTTP Server vulnerabilities
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 10/23/2023
Created: 11/24/2023
Added: 11/23/2023
Modified: 01/30/2025
Description: An attacker, opening an HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well-known "slow loris" attack pattern. This has been fixed in version 2.4.58, so that such connections are terminated properly after the configured connection timeout. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.57. Users are recommended to upgrade to version 2.4.58, which fixes the issue.
Solution(s):
  ubuntu-upgrade-apache2
References:
  https://attackerkb.com/topics/cve-2023-43622
  CVE - 2023-43622
  USN-6506-1
-
Alma Linux: CVE-2023-43622: Moderate: mod_http2 security update (ALSA-2024-2368)
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 10/23/2023
Created: 05/08/2024
Added: 05/08/2024
Modified: 01/30/2025
Description: An attacker, opening an HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well-known "slow loris" attack pattern. This has been fixed in version 2.4.58, so that such connections are terminated properly after the configured connection timeout. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.57. Users are recommended to upgrade to version 2.4.58, which fixes the issue.
Solution(s):
  alma-upgrade-mod_http2
References:
  https://attackerkb.com/topics/cve-2023-43622
  CVE - 2023-43622
  https://errata.almalinux.org/9/ALSA-2024-2368.html
-
Apache HTTPD: mod_macro buffer over-read (CVE-2023-31122)
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 10/23/2023
Created: 11/30/2023
Added: 11/29/2023
Modified: 02/14/2025
Description: Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.57.
Solution(s):
  apache-httpd-upgrade-latest
References:
  https://attackerkb.com/topics/cve-2023-31122
  https://httpd.apache.org/security/vulnerabilities_24.html
  https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html
  https://lists.fedoraproject.org/archives/list/[email protected]/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/
  https://lists.fedoraproject.org/archives/list/[email protected]/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/
  https://lists.fedoraproject.org/archives/list/[email protected]/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/
  https://security.netapp.com/advisory/ntap-20231027-0011/
  CVE - 2023-31122
-
Alma Linux: CVE-2023-45802: Moderate: httpd:2.4 security update (Multiple Advisories)
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 10/23/2023
Created: 05/08/2024
Added: 05/08/2024
Modified: 01/30/2025
Description: When an HTTP/2 stream was reset (RST frame) by a client, there was a time window where the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue.
Solution(s):
  alma-upgrade-httpd
  alma-upgrade-httpd-devel
  alma-upgrade-httpd-filesystem
  alma-upgrade-httpd-manual
  alma-upgrade-httpd-tools
  alma-upgrade-mod_http2
  alma-upgrade-mod_ldap
  alma-upgrade-mod_md
  alma-upgrade-mod_proxy_html
  alma-upgrade-mod_session
  alma-upgrade-mod_ssl
References:
  https://attackerkb.com/topics/cve-2023-45802
  CVE - 2023-45802
  https://errata.almalinux.org/8/ALSA-2024-3121.html
  https://errata.almalinux.org/9/ALSA-2024-2368.html
-
Ubuntu: (Multiple Advisories) (CVE-2023-31122): Apache HTTP Server vulnerabilities
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 10/23/2023
Created: 11/24/2023
Added: 11/23/2023
Modified: 01/28/2025
Description: Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.57.
Solution(s):
  ubuntu-pro-upgrade-apache2
References:
  https://attackerkb.com/topics/cve-2023-31122
  CVE - 2023-31122
  USN-6506-1
  USN-6510-1
-
Huawei EulerOS: CVE-2023-45802: httpd security update
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 10/23/2023
Created: 01/11/2024
Added: 01/10/2024
Modified: 01/30/2025
Description: When an HTTP/2 stream was reset (RST frame) by a client, there was a time window where the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue.
Solution(s):
  huawei-euleros-2_0_sp10-upgrade-httpd
  huawei-euleros-2_0_sp10-upgrade-httpd-filesystem
  huawei-euleros-2_0_sp10-upgrade-httpd-tools
  huawei-euleros-2_0_sp10-upgrade-mod_ssl
References:
  https://attackerkb.com/topics/cve-2023-45802
  CVE - 2023-45802
  EulerOS-SA-2024-1085
-
Huawei EulerOS: CVE-2023-31122: httpd security update
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 10/23/2023
Created: 01/11/2024
Added: 01/10/2024
Modified: 01/28/2025
Description: Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.57.
Solution(s):
  huawei-euleros-2_0_sp9-upgrade-httpd
  huawei-euleros-2_0_sp9-upgrade-httpd-filesystem
  huawei-euleros-2_0_sp9-upgrade-httpd-tools
  huawei-euleros-2_0_sp9-upgrade-mod_ssl
References:
  https://attackerkb.com/topics/cve-2023-31122
  CVE - 2023-31122
  EulerOS-SA-2023-3334
-
Red Hat: CVE-2023-5633: kernel: vmwgfx: reference count issue leads to use-after-free in surface handling (Multiple Advisories)
Severity: 7
CVSS: (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published: 10/23/2023
Created: 01/12/2024
Added: 01/11/2024
Modified: 12/05/2024
Description: The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
Solution(s):
  redhat-upgrade-kernel
  redhat-upgrade-kernel-rt
References:
  CVE-2023-5633
  RHSA-2024:0113
  RHSA-2024:0134
  RHSA-2024:0461
  RHSA-2024:1404
  RHSA-2024:4823
  RHSA-2024:4831
-
Red Hat: CVE-2023-45802: mod_http2: reset requests exhaust memory (incomplete fix of CVE-2023-44487) (Multiple Advisories)
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 10/23/2023
Created: 05/01/2024
Added: 05/01/2024
Modified: 10/16/2024
Description: When an HTTP/2 stream was reset (RST frame) by a client, there was a time window where the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue.
Solution(s):
  redhat-upgrade-httpd
  redhat-upgrade-httpd-debuginfo
  redhat-upgrade-httpd-debugsource
  redhat-upgrade-httpd-devel
  redhat-upgrade-httpd-filesystem
  redhat-upgrade-httpd-manual
  redhat-upgrade-httpd-tools
  redhat-upgrade-httpd-tools-debuginfo
  redhat-upgrade-mod_http2
  redhat-upgrade-mod_http2-debuginfo
  redhat-upgrade-mod_http2-debugsource
  redhat-upgrade-mod_ldap
  redhat-upgrade-mod_ldap-debuginfo
  redhat-upgrade-mod_md
  redhat-upgrade-mod_md-debuginfo
  redhat-upgrade-mod_md-debugsource
  redhat-upgrade-mod_proxy_html
  redhat-upgrade-mod_proxy_html-debuginfo
  redhat-upgrade-mod_session
  redhat-upgrade-mod_session-debuginfo
  redhat-upgrade-mod_ssl
  redhat-upgrade-mod_ssl-debuginfo
References:
  CVE-2023-45802
  RHSA-2024:2368
  RHSA-2024:2891
  RHSA-2024:3121
-
VMware Photon OS: CVE-2023-46316
Severity: 5
CVSS: (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published: 10/24/2023
Created: 01/21/2025
Added: 01/20/2025
Modified: 02/04/2025
Description: In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines.
Solution(s):
  vmware-photon_os_update_tdnf
References:
  https://attackerkb.com/topics/cve-2023-46316
  CVE - 2023-46316
-
MFSA2023-45 Firefox: Security Vulnerabilities fixed in Firefox 119 (CVE-2023-5723)
Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published: 10/24/2023
Created: 10/26/2023
Added: 10/25/2023
Modified: 01/28/2025
Description: An attacker with temporary script access to a site could have set a cookie containing invalid characters using `document.cookie` that could have led to unknown errors. This vulnerability affects Firefox < 119.
Solution(s):
  mozilla-firefox-upgrade-119_0
References:
  https://attackerkb.com/topics/cve-2023-5723
  CVE - 2023-5723
  http://www.mozilla.org/security/announce/2023/mfsa2023-45.html
-
Alpine Linux: CVE-2023-5363: Vulnerability in Multiple Components
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published: 10/24/2023
Created: 08/23/2024
Added: 08/22/2024
Modified: 10/02/2024
Description: Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. When calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the "keylen" parameter or the IV length, via the "ivlen" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB. For the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST's SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse. Both truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. However, these issues are not currently assessed as security critical. Changing the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore, it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However, if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary. OpenSSL 3.1 and 3.0 are vulnerable to this issue.
Solution(s):
  alpine-linux-upgrade-openssl
References:
  https://attackerkb.com/topics/cve-2023-5363
  CVE - 2023-5363
  https://security.alpinelinux.org/vuln/CVE-2023-5363
-
Alpine Linux: CVE-2023-5722: Observable Discrepancy
Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published: 10/24/2023
Created: 08/23/2024
Added: 08/22/2024
Modified: 10/02/2024
Description: Using iterative requests, an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119.
Solution(s):
  alpine-linux-upgrade-firefox
References:
  https://attackerkb.com/topics/cve-2023-5722
  CVE - 2023-5722
  https://security.alpinelinux.org/vuln/CVE-2023-5722
-
Alpine Linux: CVE-2023-5723: Vulnerability in Multiple Components
Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published: 10/24/2023
Created: 08/23/2024
Added: 08/22/2024
Modified: 10/02/2024
Description: An attacker with temporary script access to a site could have set a cookie containing invalid characters using `document.cookie` that could have led to unknown errors. This vulnerability affects Firefox < 119.
Solution(s):
  alpine-linux-upgrade-firefox
References:
  https://attackerkb.com/topics/cve-2023-5723
  CVE - 2023-5723
  https://security.alpinelinux.org/vuln/CVE-2023-5723
-
MFSA2023-47 Thunderbird: Security Vulnerabilities fixed in Thunderbird 115.4.1 (CVE-2023-5728)
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 10/24/2023
Created: 10/26/2023
Added: 10/25/2023
Modified: 01/28/2025
Description: During garbage collection extra operations were performed on an object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
Solution(s):
  mozilla-thunderbird-upgrade-115_4_1
References:
  https://attackerkb.com/topics/cve-2023-5728
  CVE - 2023-5728
  http://www.mozilla.org/security/announce/2023/mfsa2023-47.html
-
MFSA2023-47 Thunderbird: Security Vulnerabilities fixed in Thunderbird 115.4.1 (CVE-2023-5725)
Severity: 4
CVSS: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published: 10/24/2023
Created: 10/26/2023
Added: 10/25/2023
Modified: 01/28/2025
Description: A malicious installed WebExtension could open arbitrary URLs, which under the right circumstances could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
Solution(s):
  mozilla-thunderbird-upgrade-115_4_1
References:
  https://attackerkb.com/topics/cve-2023-5725
  CVE - 2023-5725
  http://www.mozilla.org/security/announce/2023/mfsa2023-47.html
-
SUSE: CVE-2023-5633: SUSE Linux Security Advisory
Severity: 7
CVSS: (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published: 10/23/2023
Created: 12/14/2023
Added: 12/13/2023
Modified: 01/28/2025
Description: The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
Solution(s):
  suse-upgrade-cluster-md-kmp-64kb
  suse-upgrade-cluster-md-kmp-azure
  suse-upgrade-cluster-md-kmp-default
  suse-upgrade-cluster-md-kmp-rt
  suse-upgrade-dlm-kmp-64kb
  suse-upgrade-dlm-kmp-azure
  suse-upgrade-dlm-kmp-default
  suse-upgrade-dlm-kmp-rt
  suse-upgrade-dtb-allwinner
  suse-upgrade-dtb-altera
  suse-upgrade-dtb-amazon
  suse-upgrade-dtb-amd
  suse-upgrade-dtb-amlogic
  suse-upgrade-dtb-apm
  suse-upgrade-dtb-apple
  suse-upgrade-dtb-arm
  suse-upgrade-dtb-broadcom
  suse-upgrade-dtb-cavium
  suse-upgrade-dtb-exynos
  suse-upgrade-dtb-freescale
  suse-upgrade-dtb-hisilicon
  suse-upgrade-dtb-lg
  suse-upgrade-dtb-marvell
  suse-upgrade-dtb-mediatek
  suse-upgrade-dtb-nvidia
  suse-upgrade-dtb-qcom
  suse-upgrade-dtb-renesas
  suse-upgrade-dtb-rockchip
  suse-upgrade-dtb-socionext
  suse-upgrade-dtb-sprd
  suse-upgrade-dtb-xilinx
  suse-upgrade-gfs2-kmp-64kb
  suse-upgrade-gfs2-kmp-azure
  suse-upgrade-gfs2-kmp-default
  suse-upgrade-gfs2-kmp-rt
  suse-upgrade-kernel-64kb
  suse-upgrade-kernel-64kb-devel
  suse-upgrade-kernel-64kb-extra
  suse-upgrade-kernel-64kb-livepatch-devel
  suse-upgrade-kernel-64kb-optional
  suse-upgrade-kernel-azure
  suse-upgrade-kernel-azure-devel
  suse-upgrade-kernel-azure-extra
  suse-upgrade-kernel-azure-livepatch-devel
  suse-upgrade-kernel-azure-optional
  suse-upgrade-kernel-azure-vdso
  suse-upgrade-kernel-debug
  suse-upgrade-kernel-debug-devel
  suse-upgrade-kernel-debug-livepatch-devel
  suse-upgrade-kernel-debug-vdso
  suse-upgrade-kernel-default
  suse-upgrade-kernel-default-base
  suse-upgrade-kernel-default-base-rebuild
  suse-upgrade-kernel-default-devel
  suse-upgrade-kernel-default-extra
  suse-upgrade-kernel-default-livepatch
  suse-upgrade-kernel-default-livepatch-devel
  suse-upgrade-kernel-default-optional
  suse-upgrade-kernel-default-vdso
  suse-upgrade-kernel-devel
  suse-upgrade-kernel-devel-azure
  suse-upgrade-kernel-devel-rt
  suse-upgrade-kernel-docs
  suse-upgrade-kernel-docs-html
  suse-upgrade-kernel-kvmsmall
  suse-upgrade-kernel-kvmsmall-devel
  suse-upgrade-kernel-kvmsmall-livepatch-devel
  suse-upgrade-kernel-kvmsmall-vdso
  suse-upgrade-kernel-macros
  suse-upgrade-kernel-obs-build
  suse-upgrade-kernel-obs-qa
  suse-upgrade-kernel-rt
  suse-upgrade-kernel-rt-devel
  suse-upgrade-kernel-rt-extra
  suse-upgrade-kernel-rt-livepatch
  suse-upgrade-kernel-rt-livepatch-devel
  suse-upgrade-kernel-rt-optional
  suse-upgrade-kernel-rt-vdso
  suse-upgrade-kernel-rt_debug
  suse-upgrade-kernel-rt_debug-devel
  suse-upgrade-kernel-rt_debug-livepatch-devel
  suse-upgrade-kernel-rt_debug-vdso
  suse-upgrade-kernel-source
  suse-upgrade-kernel-source-azure
  suse-upgrade-kernel-source-rt
  suse-upgrade-kernel-source-vanilla
  suse-upgrade-kernel-syms
  suse-upgrade-kernel-syms-azure
  suse-upgrade-kernel-syms-rt
  suse-upgrade-kernel-zfcpdump
  suse-upgrade-kselftests-kmp-64kb
  suse-upgrade-kselftests-kmp-azure
  suse-upgrade-kselftests-kmp-default
  suse-upgrade-kselftests-kmp-rt
  suse-upgrade-ocfs2-kmp-64kb
  suse-upgrade-ocfs2-kmp-azure
  suse-upgrade-ocfs2-kmp-default
  suse-upgrade-ocfs2-kmp-rt
  suse-upgrade-reiserfs-kmp-64kb
  suse-upgrade-reiserfs-kmp-azure
  suse-upgrade-reiserfs-kmp-default
  suse-upgrade-reiserfs-kmp-rt
References:
  https://attackerkb.com/topics/cve-2023-5633
  CVE - 2023-5633
-
Oracle Linux: CVE-2023-5363: ELSA-2024-12093: openssl security update (IMPORTANT) (Multiple Advisories)
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published: 10/24/2023
Created: 01/26/2024
Added: 01/24/2024
Modified: 12/09/2024
Description: Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. When calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the "keylen" parameter or the IV length, via the "ivlen" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB. For the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST's SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse. Both truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. However, these issues are not currently assessed as security critical. Changing the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore, it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However, if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary. OpenSSL 3.1 and 3.0 are vulnerable to this issue. A flaw was found in OpenSSL in how it processes key and initialization vector (IV) lengths. This issue can lead to potential truncation or overruns during the initialization of some symmetric ciphers. A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. Both truncations and overruns of the key and the IV will produce incorrect results and could, in some cases, trigger a memory exception.
Solution(s):
  oracle-linux-upgrade-openssl
  oracle-linux-upgrade-openssl-devel
  oracle-linux-upgrade-openssl-libs
  oracle-linux-upgrade-openssl-perl
References:
  https://attackerkb.com/topics/cve-2023-5363
  CVE - 2023-5363
  ELSA-2024-12093
  ELSA-2024-0310
-
Alma Linux: CVE-2023-31122: Moderate: httpd:2.4 security update (Multiple Advisories)
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 10/23/2023
Created: 05/08/2024
Added: 05/08/2024
Modified: 01/28/2025
Description: Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.57.
Solution(s):
  alma-upgrade-httpd
  alma-upgrade-httpd-core
  alma-upgrade-httpd-devel
  alma-upgrade-httpd-filesystem
  alma-upgrade-httpd-manual
  alma-upgrade-httpd-tools
  alma-upgrade-mod_http2
  alma-upgrade-mod_ldap
  alma-upgrade-mod_lua
  alma-upgrade-mod_md
  alma-upgrade-mod_proxy_html
  alma-upgrade-mod_session
  alma-upgrade-mod_ssl
References:
  https://attackerkb.com/topics/cve-2023-31122
  CVE - 2023-31122
  https://errata.almalinux.org/8/ALSA-2024-3121.html
  https://errata.almalinux.org/9/ALSA-2024-2278.html
-
Amazon Linux AMI 2: CVE-2023-4693: Security patch for grub2 (ALAS-2023-2292)
Severity: 5
CVSS: (AV:L/AC:L/Au:N/C:C/I:N/A:N)
Published: 10/23/2023
Created: 10/24/2023
Added: 10/23/2023
Modified: 01/30/2025
Description: An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.
Solution(s):
  amazon-linux-ami-2-upgrade-grub2
  amazon-linux-ami-2-upgrade-grub2-common
  amazon-linux-ami-2-upgrade-grub2-debuginfo
  amazon-linux-ami-2-upgrade-grub2-efi-aa64
  amazon-linux-ami-2-upgrade-grub2-efi-aa64-cdboot
  amazon-linux-ami-2-upgrade-grub2-efi-aa64-ec2
  amazon-linux-ami-2-upgrade-grub2-efi-aa64-modules
  amazon-linux-ami-2-upgrade-grub2-efi-x64
  amazon-linux-ami-2-upgrade-grub2-efi-x64-cdboot
  amazon-linux-ami-2-upgrade-grub2-efi-x64-ec2
  amazon-linux-ami-2-upgrade-grub2-efi-x64-modules
  amazon-linux-ami-2-upgrade-grub2-emu
  amazon-linux-ami-2-upgrade-grub2-emu-modules
  amazon-linux-ami-2-upgrade-grub2-pc
  amazon-linux-ami-2-upgrade-grub2-pc-modules
  amazon-linux-ami-2-upgrade-grub2-tools
  amazon-linux-ami-2-upgrade-grub2-tools-efi
  amazon-linux-ami-2-upgrade-grub2-tools-extra
  amazon-linux-ami-2-upgrade-grub2-tools-minimal
References:
  https://attackerkb.com/topics/cve-2023-4693
  AL2/ALAS-2023-2292
  CVE - 2023-4693
-
Amazon Linux AMI 2: CVE-2023-45802: Security patch for httpd (ALAS-2023-2322)
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 10/23/2023
Created: 11/04/2023
Added: 11/03/2023
Modified: 01/30/2025
Description: When an HTTP/2 stream was reset (RST frame) by a client, there was a time window where the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue.
Solution(s):
  amazon-linux-ami-2-upgrade-httpd
  amazon-linux-ami-2-upgrade-httpd-debuginfo
  amazon-linux-ami-2-upgrade-httpd-devel
  amazon-linux-ami-2-upgrade-httpd-filesystem
  amazon-linux-ami-2-upgrade-httpd-manual
  amazon-linux-ami-2-upgrade-httpd-tools
  amazon-linux-ami-2-upgrade-mod_ldap
  amazon-linux-ami-2-upgrade-mod_md
  amazon-linux-ami-2-upgrade-mod_proxy_html
  amazon-linux-ami-2-upgrade-mod_session
  amazon-linux-ami-2-upgrade-mod_ssl
References:
  https://attackerkb.com/topics/cve-2023-45802
  AL2/ALAS-2023-2322
  CVE - 2023-45802
-
Amazon Linux AMI 2: CVE-2023-43040: Security patch for ceph-common (ALAS-2023-2297)
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 10/23/2023
Created: 10/24/2023
Added: 10/23/2023
Modified: 05/16/2024
Description: IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807.
Solution(s):
  amazon-linux-ami-2-upgrade-ceph-common
  amazon-linux-ami-2-upgrade-ceph-common-debuginfo
  amazon-linux-ami-2-upgrade-librados2
  amazon-linux-ami-2-upgrade-librados2-devel
  amazon-linux-ami-2-upgrade-librbd1
  amazon-linux-ami-2-upgrade-librbd1-devel
  amazon-linux-ami-2-upgrade-python-rados
  amazon-linux-ami-2-upgrade-python-rbd
References:
  https://attackerkb.com/topics/cve-2023-43040
  AL2/ALAS-2023-2297
  CVE - 2023-43040
-
Amazon Linux AMI 2: CVE-2023-40476: Security patch for gstreamer1-plugins-bad-free (ALAS-2023-2298)
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 10/23/2023
Created: 10/24/2023
Added: 10/23/2023
Modified: 01/28/2025
Description: GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of H265 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21768.
Solution(s):
  amazon-linux-ami-2-upgrade-gstreamer1-plugins-bad-free
  amazon-linux-ami-2-upgrade-gstreamer1-plugins-bad-free-debuginfo
  amazon-linux-ami-2-upgrade-gstreamer1-plugins-bad-free-devel
References:
  https://attackerkb.com/topics/cve-2023-40476
  AL2/ALAS-2023-2298
  CVE - 2023-40476
-
Huawei EulerOS: CVE-2023-31122: httpd security update
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 10/23/2023
Created: 01/11/2024
Added: 01/10/2024
Modified: 01/28/2025
Description: Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.57.
Solution(s):
  huawei-euleros-2_0_sp11-upgrade-httpd
  huawei-euleros-2_0_sp11-upgrade-httpd-filesystem
  huawei-euleros-2_0_sp11-upgrade-httpd-tools
  huawei-euleros-2_0_sp11-upgrade-mod_ssl
References:
  https://attackerkb.com/topics/cve-2023-31122
  CVE - 2023-31122
  EulerOS-SA-2023-3273