Rocky Linux: CVE-2023-27530: Satellite-6.14 (Multiple Advisories)

Rocky Linux: CVE-2023-27530: Satellite-6.14 (Multiple Advisories)

Severity

8

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

03/10/2023

Created

03/07/2024

Added

03/05/2024

Modified

01/28/2025

Description

A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.

Solution(s)

• rocky-upgrade-libdb-cxx
• rocky-upgrade-libdb-cxx-debuginfo
• rocky-upgrade-libdb-debuginfo
• rocky-upgrade-libdb-debugsource
• rocky-upgrade-libdb-sql-debuginfo
• rocky-upgrade-libdb-sql-devel-debuginfo
• rocky-upgrade-libdb-utils-debuginfo
• rocky-upgrade-pcs
• rocky-upgrade-pcs-snmp

References

• https://attackerkb.com/topics/cve-2023-27530
• CVE - 2023-27530
• https://errata.rockylinux.org/RLSA-2023:2652
• https://errata.rockylinux.org/RLSA-2023:3082
• https://errata.rockylinux.org/RLSA-2023:6818