Medium: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

Important: tomcat8

Issue Overview: The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a reques...

Important: libtiff

Issue Overview: LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. CVE-2023-0795 LibTIFF 4.4.0 has an...

Medium: ImageMagick

Issue Overview: stack overflow when parsing malicious tiff image CVE-2023-3195 The upstream bug report describes this issue as follows: "A vulnerability was found in ImageMagick =7.1.1, where heap-based buffer overflow was found in coders/tiff.c." CVE-2023-3428 Affected Packages: ImageMagick Issu...

Important: golang

Issue Overview: The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules whi...

Important: grub2

Issue Overview: A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of the grub2's memory, leading to possible code execution and the circumvention of the secure boot...

Medium: fribidi

Issue Overview: A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service. CVE-2022-25308 A segmentation fault SEGV flaw was found in t...

Medium: ImageMagick

Issue Overview: stack overflow when parsing malicious tiff image CVE-2023-3195 Affected Packages: ImageMagick Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum...

Important: ncurses

Issue Overview: ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. CVE-2023-2949...

Medium: cups

Issue Overview: A vulnerability was found in CUPS. This issue occurs due to logging data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data immediately before the connection closed, resulting in a use-after-free in cupsdAcceptClient in...

Important: gstreamer1-plugins-base

Issue Overview: Heap overwrite in subtitle parsing CVE-2023-37328 Affected Packages: gstreamer1-plugins-base Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum...

Important: open-vm-tools

Issue Overview: VMware Tools 12.0.0, 11.x.y and 10.x.y contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine. CVE-2022-31676 Affected Packages: open-vm-tools Note:...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ubi: Fix race condition between ctrlcdevioctl and ubicdevioctl CVE-2021-47634 In the Linux kernel, the following vulnerability has been resolved: Revert "Revert "block, bfq: honor already-setup queue merges""...

Important: postgresql15

Issue Overview: This enabled an attacker having database-level CREATE privilege to execute arbitrary code as the bootstrap superuser. Database owners have that right by default, and explicit grants may extend it to other users. CVE-2023-2454 Affected Packages: postgresql15 Issue Correction: Run d...

Important: python-pillow

Issue Overview: The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function. CVE-2021-23437 Affected Packages: python-pillow Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...

Important: kernel

Issue Overview: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAPNETADMIN capability to crash o...

Important: kernel

Issue Overview: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAPNETADMIN capability to crash o...

Medium: nodejs

Issue Overview: A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity. CVE-2022-49...

Low: open-vm-tools

Issue Overview: A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. CVE-2023-20867 Affected Packages: open-vm-tools Issue Correction: Run dnf update open-vm-tools...

Low: bluez

Issue Overview: A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function read50controllercapcomplete of the file tools/mgmt-tester.c of the component BlueZ. The manipulation of the argument caplen leads to null pointer dereference. It is recommended to...

Important: c-ares

Issue Overview: Denial of Service. An issue in c-ares was found where a 0-byte UDP payload can cause a Denial of Service CVE-2023-32067. Affected Packages: c-ares Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core an...

Medium: zstd

Issue Overview: In zstd, supplying an empty string as an argument to either --output-dir-flat or --output-dir-mirror may cause a buffer overrun. CVE-2022-4899 Affected Packages: zstd Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference...

Medium: busybox

Issue Overview: A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. CVE-2022-30065 Affected Packages: busybox Issue Correction: Run yum update busybox or yum update --advisory...

Medium: pidgin

Issue Overview: An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain,...

Medium: lynx

Issue Overview: Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data. CVE-2021-38165 Affected Packages: lynx Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository...

Low: wireshark

Issue Overview: Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark...

Medium: qemu

Issue Overview: A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles o...

Medium: squashfs-tools

Issue Overview: Integer overflow in the readfragmenttable4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service application crash via a crafted input, which triggers a stack-based buffer overflow. CVE-2015-4645 1 unsquash-1.c, 2 unsquash-2.c, 3...

Important: golang

Issue Overview: The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules whi...

Medium: python-imaging

Issue Overview: Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component. CVE-2016-9190 Affected Packages: python-imaging Issue...

Medium: python3-requests

Issue Overview: A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuildproxies is used to recompute and reattach the...

Medium: python3-tornado

Issue Overview: Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL. CVE-2023-28370 Affected Packages: python3-tornado Not...

Medium: python-tornado

Issue Overview: Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL. CVE-2023-28370 Affected Packages: python-tornado Issu...

Low: python3.11

Issue Overview: No CVE associated with this advisory Affected Packages: python3.11 Issue Correction: Run dnf update python3.11 --releasever 2023.1.20230719 or dnf update --advisory ALAS2023-2023-252 --releasever 2023.1.20230719 to update your system. More information on how to update your system...

Low: wireshark

Issue Overview: Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark...

Important: jackson-core

Issue Overview: An issue was discovered jackson-databind thru 2.15.2 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. CVE-2023-35116 Affected Packages: jackson-core Issue Correction: Run dnf update jackson-core --releasev...

Medium: libX11

Issue Overview: A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array...

Medium: c-ares

Issue Overview: A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity. CVE-2022-49...

Medium: flatpak

Issue Overview: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4 contain a vulnerability similar to CVE-2017-5226, but using the TIOCLINUX ioctl command instead of TIOCSTI. If a Flatpak app is...

Medium: cups

Issue Overview: A vulnerability was found in CUPS. This issue occurs due to logging data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data immediately before the connection closed, resulting in a use-after-free in cupsdAcceptClient in...

Low: libarchive

Issue Overview: In libarchive 3.6.1, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference or, in some cases, even arbitrary code execution. CVE-2022-36227 Affected...

Low: libcap

Issue Overview: libcap is vulnerable to a denial of service caused by the error handling in wrappthreadcreate function, which will cause memory to be leaked in the case of an error. CVE-2023-2602 Affected Packages: libcap Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository...

Medium: libzapojit

Issue Overview: In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011. CVE-2021-39360 Affected Packages: libzapojit Note:...

Medium: libtiff

Issue Overview: libtiff 4.5.0 is vulnerable to Buffer Overflow in uvencode when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian. CVE-2023-26966 Affected Packages: libtiff Issue Correction: Run dnf update libtiff --releasever 2023.1.20230719 or dnf updat...

Important: docker

Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Affected Packages: docker Issue Correction: Run dnf update docker --releasever 2023.1.20230719 or dnf update --advisory ALAS2023-2023-260 --releasever 2023.1.20230719 to update your system. More information o...

Low: open-vm-tools

Issue Overview: A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. CVE-2023-20867 Affected Packages: open-vm-tools Note: This advisory is applicable to Amazon Linux 2 AL2...

Important: tomcat9

Issue Overview: The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a reques...

Medium: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

Important: kernel

Issue Overview: An issue was discovered in fs/iouring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service deadlock because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25...

Medium: python-rsa

Issue Overview: A flaw was found in python-rsa, where it is vulnerable to Bleichenbacher timing attacks. This flaw allows an attacker, via the RSA decryption API, to decrypt parts of the ciphertext encrypted with RSA. The highest threat from this vulnerability is to confidentiality. CVE-2020-2565...