
3305 matches found

Amazon
added 2024/05/30 12:0 a.m., 25 views

Medium: hsqldb

Issue Overview: A flaw was found in the LibreOffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker. CVE-2023-1183 Affected Packages: hsqldb...

CVSS 5.5 | AI score 5.7 | EPSS 0.65692
Exploits: 0
Amazon
added 2024/05/30 12:0 a.m., 5 views

Medium: hsqldb

Issue Overview: A flaw was found in the LibreOffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker. CVE-2023-1183 Affected Packages: hsqldb...

CVSS 5.5 | AI score 6.8 | EPSS 0.65692
Exploits: 0
Amazon
added 2024/05/30 12:0 a.m., 4 views

Medium: ghostscript

Issue Overview: An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard. CVE-2023-52722 Affected Packages: ghostscript Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit th...

CVSS 5.5 | AI score 7 | EPSS 0.0033
Exploits: 0
Amazon
added 2024/05/30 12:0 a.m., 26 views

Low: ImageMagick

Issue Overview: A flaw was found in ImageMagick, where a division by zero in WaveImage of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability...

CVSS 7.8 | AI score 7.5 | EPSS 0.02315
Exploits: 0
Amazon
added 2024/05/30 12:0 a.m., 28 views

Medium: ghostscript

Issue Overview: An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard. CVE-2023-52722 Affected Packages: ghostscript Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit th...

CVSS 5.5 | AI score 5.7 | EPSS 0.0033
Exploits: 0
Amazon
added 2024/05/30 12:0 a.m., 5 views

Important: tigervnc

Issue Overview: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read and write into freed memory. This can lead to local privilege elevation on systems where the X...

CVSS 7.8 | AI score 7.8 | EPSS 0.00899
Exploits: 0
Tenable Nessus
added 2024/05/20 12:0 a.m., 44 views

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-043)

The version of kernel installed on the remote host is prior to 5.15.158-103.164. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2024-043 advisory. In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify a...

CVSS 5.5 | AI score 6.5 | EPSS 0.00246
Exploits: 0 | References: 6
Amazon
added 2024/05/20 12:0 a.m., 7 views

Medium: kernel

Issue Overview: fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact because of incorrect fpu_fpregs_owner_ctx caching,...

CVSS 6.1 | AI score 7 | EPSS 0.00654
Exploits: 2
Tenable Nessus
added 2024/05/20 12:0 a.m., 41 views

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-056)

The version of kernel installed on the remote host is prior to 5.10.215-203.850. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-056 advisory. 2024-07-03: CVE-2024-26643 was added to this advisory. 2024-07-03: CVE-2024-26642 was added to this...

CVSS 7.8 | AI score 6.5 | EPSS 0.00258
Exploits: 0 | References: 18
Tenable Nessus
added 2024/05/20 12:0 a.m., 45 views

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-057)

The version of kernel installed on the remote host is prior to 5.10.216-204.855. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-057 advisory. 2024-05-23: CVE-2024-26923 was added to this advisory. In the Linux kernel, the following vulnerability...

CVSS 5.5 | AI score 6.7 | EPSS 0.00246
Exploits: 0 | References: 8
Tenable Nessus
added 2024/05/20 12:0 a.m., 37 views

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-042)

The version of kernel installed on the remote host is prior to 5.15.156-102.160. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2024-042 advisory. 2024-07-03: CVE-2024-26642 was added to this advisory. 2024-07-03: CVE-2024-26629 was added to this...

CVSS 5.5 | AI score 6.6 | EPSS 0.00258
Exploits: 0 | References: 16
Tenable Nessus
added 2024/05/20 12:0 a.m., 58 views

Amazon Linux 2 : java-11-openjdk (ALASJAVA-OPENJDK11-2024-008)

The version of java-11-openjdk installed on the remote host is prior to 11.0.23.0.9-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2JAVA-OPENJDK11-2024-008 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...

CVSS 3.7 | AI score 6.4 | EPSS 0.01361
Exploits: 0 | References: 12
Tenable Nessus
added 2024/05/20 12:0 a.m., 36 views

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-066)

The version of kernel installed on the remote host is prior to 5.4.20-12.75. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-066 advisory. fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used,...

CVSS 6.1 | AI score 6.8 | EPSS 0.00654
Exploits: 2 | References: 6
Tenable Nessus
added 2024/05/20 12:0 a.m., 30 views

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-065)

The version of kernel installed on the remote host is prior to 5.4.275-189.375. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-065 advisory. 2024-05-23: CVE-2024-26923 was added to this advisory. A flaw was found in the smb client in the Linux...

CVSS 8 | AI score 6.5 | EPSS 0.00566
Exploits: 0 | References: 12
Amazon
added 2024/05/15 12:0 a.m., 37 views

Important: ghostscript

Issue Overview: Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix. CVE-2023-36664 Affected Packages: ghostscript Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ sectio...

CVSS 7.8 | AI score 8 | EPSS 0.03236
Exploits: 3
Tenable Nessus
added 2024/05/15 12:0 a.m., 30 views

Amazon Linux 2 : golang, --advisory ALAS2-2024-2545 (ALAS-2024-2545)

The version of golang installed on the remote host is prior to 1.13.4-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2545 advisory. Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key...

CVSS 7.5 | AI score 7 | EPSS 0.04693
Exploits: 1 | References: 4
Tenable Nessus
added 2024/05/15 12:0 a.m., 21 views

Amazon Linux 2 : flatpak (ALAS-2024-2538)

The version of flatpak installed on the remote host is prior to 1.0.9-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2538 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions before 1.10.9,...

CVSS 8.4 | AI score 8 | EPSS 0.00512
Exploits: 1 | References: 4
Amazon
added 2024/05/15 12:0 a.m., 28 views

Important: unbound

Issue Overview: An issue was discovered in some DNS recursive resolvers that allows remote attackers to cause a denial of service using a maliciously designed authority and response amplification. CVE-2024-33655 Affected Packages: unbound Note: This advisory is applicable to Amazon Linux 2 (AL2) Co...

CVSS 7.5 | AI score 6.1 | EPSS 0.01729
Exploits: 0
Amazon
added 2024/05/15 12:0 a.m., 57 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: exthdr: fix 4-byte stack OOB write. If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array, which leads to stack corruption. This construct is necessary to clean th...

CVSS 7.1 | AI score 7.5 | EPSS 0.00675
Exploits: 0
Amazon
added 2024/05/15 12:0 a.m., 34 views

Medium: edk2

Issue Overview: Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service. This problem...

CVSS 5.9 | AI score 5.9 | EPSS 0.54026
Exploits: 0