Security Bulletin: IBM Event Streams is affected by multiple vulnerabilities in Golang Go

Summary Vulnerabilities in golang before 1.19.10 affect the golang component that is used by IBM Event Streams CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-29403 DESCRIPTION: Golang Go could allow a...

AZL-35165 CVE-2023-1386 affecting package qemu 9.1.0-1

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. When a local user in the guest writes an executable file with SUID or SGID, none of these privileged bits are correctly dropped. As a result, in rare circumstances, this flaw could be used by malicious users in the gue...

CVE-2023-1386

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. When a local user in the guest writes an executable file with SUID or SGID, none of these privileged bits are correctly dropped. As a result, in rare circumstances, this flaw could be used by malicious users in the gue...

Design/Logic Flaw

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. When a local user in the guest writes an executable file with SUID or SGID, none of these privileged bits are correctly dropped. As a result, in rare circumstances, this flaw could be used by malicious users in the gue...

SUSE CVE-2023-36273

LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bitcalcCRC at bits.c...

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753.

...

CVE-2023-25435

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits at /libtiff/tools/tiffcrop.c:3753...

libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted16bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modification...

libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted16bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modification...

DEBIAN-CVE-2023-30775

A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c...

kernel: KVM: x86: Use __try_cmpxchg_user() to update guest PTE A/D bits

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use trycmpxchguser to update guest PTE A/D bits Use the recently introduced trycmpxchguser to update guest PTE A/D bits instead of mapping the PTE into kernel address space. The VMPFNMAP path is broken as it assumes tha...

kernel: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT Treat the NX bit as valid when using NPT, as KVM will set the NX bit when the NX huge page mitigation is enabled mindblowing and trigger the WARN that fires on reserved SPTE bits...

libtiff: Heap buffer overflow in extractContigSamples32bits, tiffcrop.c

A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c...

Weak Encryption

TrustWalletCore contains Weak Encryption implementations. The vulnerability exists in mt19937 seed generation which has only 32 bits of entropy resulting in only 4 billion mnemonics which allows an attacker to brute force the private key...

Integer Overflow in Endian Library

Lines of code Vulnerability details Impact An integer overflow can lead to unexpected behavior in a smart contract, potentially causing financial loss or disruption of the contract's intended functionality. Proof of Concept If the input value passed to the function exceeds 64 bits, an integer...

Fixed rewards may also be cut

Lines of code Vulnerability details Impact Fixed rewards may change when packed. Proof of Concept In LotterySetup.packFixedRewards function packFixedRewardsuint256 memory rewards private view returns uint256 packed if rewards.length != selectionSize || rewards0 != 0 revert InvalidFixedRewardSetup...

GSD-2023-1002373 net/sched: tcindex: search key must be 16 bits

net/sched: tcindex: search key must be 16 bits This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.169 by commit...

GSD-2023-1002344 net/sched: tcindex: search key must be 16 bits

net/sched: tcindex: search key must be 16 bits This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.95 by commit...

SUSE-SU-2023:0635-1 Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-150400155 fixes one issue. The following security issue was fixed: - CVE-2023-0179: Fixed incorrect arithmetics when fetching VLAN header bits bsc1207139...

K43404629: F5 SSH server key size vulnerability CVE-2020-5917

Security Advisory Description The BIG-IP and BIG-IQ host OpenSSH servers use keys less than 2048 bits that are no longer considered secure. CVE-2020-5917 Impact The BIG-IP system may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications. Some security scanners, such as the...