edk2 security, bug fix, and enhancement update

20230524-3 - edk2-OvmfPkg-AmdSev-fix-BdsPlatform.c-assertion-failure-d.patch bz2190244 - edk2-OvmfPkg-IoMmuDxe-add-locking-to-IoMmuAllocateBounceB.patch bz2211060 - edk2-OvmfPkg-AmdSevDxe-Shim-Reboot-workaround-RHEL-only.patch bz2218196 - Resolves: bz2190244 EDK2 AMDSERVER 9.3 Bug OVMF AP Creatio...

mariadb: Crash in set_var.cc via certain UPDATE queries with nested subqueries

MariaDB through 10.5.9 allows a setvar.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery...

kernel: KVM: VMX: Fix crash due to uninitialized current_vmcs

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...

kernel: KVM: nVMX: missing consistency checks for CR0 and CR4

A flaw was found in the KVM's Intel nested virtualization feature nVMX. The effective values of the guest CR0 and CR4 registers could differ from those included in the VMCS12. In rare circumstances i.e., kvmintel module loaded with parameters nested=1 and ept=0 this could allow a malicious guest ...

Rocky Linux 8 : kernel-rt (RLSA-2021:3547)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:3547 advisory. - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provide...

Rocky Linux 8 : kernel (RLSA-2021:3548)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:3548 advisory. - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provide...

AZL-35596 CVE-2023-5088 affecting package qemu for versions less than 6.2.0-21

A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...

snakeyaml: Denial of Service due to missing nested depth limitation for collections

A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service DoS due to missing nested depth limitation for collections...

snakeyaml: Denial of Service due to missing nested depth limitation for collections

A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service DoS due to missing nested depth limitation for collections...

Denial Of Service (DoS)

jtidy is vulnerable to Denial of Service DoS. The vulnerability is due to lack of nesting depth checks in the library, which allows an attacker to cause an application crash through a stack overflow by parsing a deeply nested html string...

Denial of service vulnerability on creating a Launch with too many recursively nested elements in reportportal

Impact ReportPortal database becomes unstable and reporting almost fully stops except for small launches with approximately 1 test inside when the testitem.path field is exceeded the allowable "ltree" field type indexing limit path length=120 approximately, recursive nesting of the nested steps...

GHSA-MJ24-GPW7-23M9 Denial of service vulnerability on creating a Launch with too many recursively nested elements in reportportal

Impact ReportPortal database becomes unstable and reporting almost fully stops except for small launches with approximately 1 test inside when the testitem.path field is exceeded the allowable "ltree" field type indexing limit path length=120 approximately, recursive nesting of the nested steps...

CVE-2023-25822 ReportPortal DoS vulnerability on creating a Launch with too many recursively nested elements

ReportPortal is an AI-powered test automation platform. Prior to version 5.10.0 of the com.epam.reportportal:service-api module, corresponding to ReportPortal version 23.2, the ReportPortal database becomes unstable and reporting almost fully stops except for small launches with approximately 1...

CVE-2023-25822 ReportPortal DoS vulnerability on creating a Launch with too many recursively nested elements

ReportPortal is an AI-powered test automation platform. Prior to version 5.10.0 of the com.epam.reportportal:service-api module, corresponding to ReportPortal version 23.2, the ReportPortal database becomes unstable and reporting almost fully stops except for small launches with approximately 1...

Potential Gas Limit Issue with Bulk Score Updates

Lines of code Vulnerability details The updateScores function, which updates scores for multiple users, uses a nested loop structure. This can lead to a situation where if the users array is large and each user has many markets to update, the function could run out of gas. Impact If the function...

GHSA-8MJR-6C96-39W8 pydash Command Injection vulnerability

This affects versions of the package pydash before 6.0.0. A number of pydash methods such as pydash.objects.invoke and pydash.collections.invokemap accept dotted paths Deep Path Strings to target a nested Python object, relative to the original source object. These paths can be used to target...

pydash Command Injection vulnerability

This affects versions of the package pydash before 6.0.0. A number of pydash methods such as pydash.objects.invoke and pydash.collections.invokemap accept dotted paths Deep Path Strings to target a nested Python object, relative to the original source object. These paths can be used to target...

CVE-2023-26145

This affects versions of the package pydash before 6.0.0. A number of pydash methods such as pydash.objects.invoke and pydash.collections.invokemap accept dotted paths Deep Path Strings to target a nested Python object, relative to the original source object. These paths can be used to target...

Amazon Linux 2 : microvm-kernel (ALASMICROVM-KERNEL-4.14-2023-003)

The version of microvm-kernel installed on the remote host is prior to 4.14.246-200.474. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2MICROVM-KERNEL-4.14-2023-003 advisory. A flaw was found in the Linux kernel's implementation of wireless drivers using the...

Amazon Linux 2 : microvm-kernel (ALASMICROVM-KERNEL-4.14-2023-002)

The version of microvm-kernel installed on the remote host is prior to 4.14.246-199.474. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2MICROVM-KERNEL-4.14-2023-002 advisory. A flaw was found in the Linux kernel's implementation of wireless drivers using the...