Lucene search

8699 matches found

Amazon
added 2023/06/12 12:0 a.m. | 6 views

Important: golang

Issue Overview: html/template: improper sanitization of CSS values Angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for...

CVSS 9.8 | AI score 7.3 | EPSS 0.00289 | Exploits 0

Amazon
added 2023/06/12 12:0 a.m. | 4 views

Important: kernel-livepatch-6.1.25-37.47

Issue Overview: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. CVE-2022-48425 In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform...

CVSS 7.8 | AI score 6.6 | EPSS 0.00976 | Exploits 7

Amazon
added 2023/06/12 12:0 a.m. | 4 views

Important: kernel-livepatch-6.1.27-43.48

Issue Overview: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. CVE-2022-48425 In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform...

CVSS 7.8 | AI score 6.6 | EPSS 0.00976 | Exploits 7

Amazon
added 2023/06/12 12:0 a.m. | 60 views

Important: webkitgtk4

Issue Overview: A logic issue was addressed with improved state management. CVE-2020-22592 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2,...

CVSS 9.8 | AI score 9 | EPSS 0.04464 | Exploits 14

Amazon
added 2023/06/12 12:0 a.m. | 26 views

Important: jettison

Issue Overview: Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by Out of memory. This effect may support a denial of servic...

CVSS 7.5 | AI score 7.4 | EPSS 0.00263 | Exploits 2

Amazon
added 2023/06/12 12:0 a.m. | 3 views

Important: kernel

Issue Overview: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. CVE-2022-48425 Affected Packages: kernel Issue Correction: Run dnf update kernel --releasever 2023.0.20230614 or dnf update --advisory...

CVSS 7.8 | AI score 7 | EPSS 0.00017 | Exploits 0

Amazon
added 2023/06/12 12:0 a.m. | 30 views

Important: vim

Issue Overview: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. CVE-2023-2609 Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532. CVE-2023-2610 Affected Packages: vim Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit...

CVSS 7.8 | AI score 7.2 | EPSS 0.00025 | Exploits 2

Amazon
added 2023/06/12 12:0 a.m. | 4 views

Medium: bluez

Issue Overview: A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. CVE-2022-0204 Affected Packages: bluez Issue Correction: Ru...

CVSS 8.8 | AI score 6.6 | EPSS 0.00054 | Exploits 1

Amazon
added 2023/06/12 12:0 a.m. | 3 views

Important: kernel-livepatch-6.1.21-1.45

Issue Overview: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. CVE-2022-48425 An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failu...

CVSS 7.8 | AI score 6.6 | EPSS 0.00976 | Exploits 8

Amazon
added 2023/06/12 12:0 a.m. | 3 views

Important: kernel-livepatch-6.1.23-36.46

Issue Overview: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. CVE-2022-48425 An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failu...

CVSS 7.8 | AI score 6.6 | EPSS 0.00976 | Exploits 8

Amazon
added 2023/06/12 12:0 a.m. | 2 views

Important: kernel-livepatch-6.1.15-28.43

Issue Overview: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. CVE-2022-48425 An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failu...

CVSS 7.8 | AI score 6.6 | EPSS 0.00976 | Exploits 8

Amazon
added 2023/06/12 12:0 a.m. | 1 views

Important: runc

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditions: 1. when runc is executed inside the user namespace, and the config.json does not...

CVSS 7.8 | AI score 6.9 | EPSS 0.00191 | Exploits 2

Amazon
added 2023/06/12 12:0 a.m. | 5 views

Medium: opensc

Issue Overview: A vulnerability was found in OpenSC. This security flaw causes a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where...

CVSS 7.1 | AI score 7 | EPSS 0.00027 | Exploits 0

Amazon
added 2023/06/12 12:0 a.m. | 54 views

Medium: ruby

Issue Overview: A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2...

CVSS 5.3 | AI score 7.4 | EPSS 0.00604 | Exploits 0

Amazon
added 2023/06/08 12:0 a.m. | 40 views

Medium: mod_security

Issue Overview: In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity C language codebase. CVE-2022-48279...

CVSS 9.8 | AI score 8 | EPSS 0.00911 | Exploits 0

Amazon
added 2023/06/08 12:0 a.m. | 42 views

Important: squid

Issue Overview: Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients. CVE-2016-10003 An issue was...

CVSS 7.5 | AI score 7.4 | EPSS 0.02796 | Exploits 0

Amazon
added 2023/06/08 12:0 a.m. | 64 views

Important: golang

Issue Overview: html/template: improper sanitization of CSS values Angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for...

CVSS 9.8 | AI score 7.4 | EPSS 0.00289 | Exploits 0

Amazon
added 2023/06/08 12:0 a.m. | 49 views

Important: vim

Issue Overview: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499. CVE-2023-2426 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. CVE-2023-2609 Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532. CVE-2023-2610...

CVSS 7.8 | AI score 7.2 | EPSS 0.0003 | Exploits 3

Amazon
added 2023/06/08 12:0 a.m. | 26 views

Medium: mod24_auth_mellon

Issue Overview: A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. T...

CVSS 6.1 | AI score 6.2 | EPSS 0.00503 | Exploits 0

Amazon
added 2023/06/08 12:0 a.m. | 64 views

Medium: openssl

Issue Overview: A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers...

CVSS 7.5 | AI score 6.9 | EPSS 0.91012 | Exploits 0

Amazon
added 2023/06/08 12:0 a.m. | 30 views

Important: postgresql92

Issue Overview: This enabled an attacker having database-level CREATE privilege to execute arbitrary code as the bootstrap superuser. Database owners have that right by default, and explicit grants may extend it to other users. CVE-2023-2454 Affected Packages: postgresql92 Issue Correction: Run y...

CVSS 7.2 | AI score 8.1 | EPSS 0.00276 | Exploits 0

Amazon
added 2023/06/08 12:0 a.m. | 51 views

Medium: dnsmasq

Issue Overview: An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020. CVE-2023-28450 Affected Packages: dnsmasq Issue Correction: Run yum update dnsmasq or yum update --advisory ALAS-2023-1758 to...

CVSS 7.5 | AI score 8 | EPSS 0.00012 | Exploits 0

Amazon
added 2023/06/08 12:0 a.m. | 23 views

Medium: freetype

Issue Overview: A segmentation fault was found in FreeType's FT_Request_Size function in the ftobjs.c file. This flaw allows an attacker to access a memory location in a way that could cause an application to halt or crash, leading to a denial of service. CVE-2022-27406 Affected Packages: freetype...

CVSS 7.5 | AI score 7.6 | EPSS 0.00151 | Exploits 1

Amazon
added 2023/06/08 12:0 a.m. | 42 views

Medium: pcre

Issue Overview: Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular...

CVSS 9.8 | AI score 9.6 | EPSS 0.0287 | Exploits 1

Amazon
added 2023/06/07 12:0 a.m. | 35 views

Medium: git

Issue Overview: Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to git apply --reject, a path outside the working tree can be overwritten with partially controlled...

CVSS 7.8 | AI score 8.1 | EPSS 0.03559 | Exploits 2

Amazon
added 2023/06/07 12:0 a.m. | 2 views

Low: gnuplot

Issue Overview: A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause an arithmetic exception and application crash. CVE-2021-44917 Affected Packages: gnuplot Issue Correction: Run dnf update gnuplot --releasever 2023.0.20230607 or dnf upda...

CVSS 5.5 | AI score 6.4 | EPSS 0.00129 | Exploits 1

Amazon
added 2023/06/07 12:0 a.m. | 26 views

Important: kernel

Issue Overview: There is a potential deadlock in the eBPF subsystem in the Linux kernel. The default sysctl configuration "kernel.unprivileged_bpf_disabled" on Amazon Linux does not allow unprivileged users to use eBPF. CVE-2023-0160 A denial of service problem was found, due to a possible recursiv...

CVSS 7.8 | AI score 6.5 | EPSS 0.00976 | Exploits 8

Amazon
added 2023/06/07 12:0 a.m. | 3 views

Medium: cloud-init

Issue Overview: Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege. CVE-2023-1786 Affected Packages: cloud-init Issue Correction: Run dnf update cloud-init --releasever...

CVSS 5.5 | AI score 6.1 | EPSS 0.0004 | Exploits 0

Amazon
added 2023/06/07 12:0 a.m. | 4 views

Medium: libldb

Issue Overview: Access controlled AD LDAP attributes can be discovered CVE-2023-0614 Affected Packages: libldb Issue Correction: Run dnf update libldb --releasever 2023.0.20230607 or dnf update --advisory ALAS2023-2023-187 --releasever 2023.0.20230607 to update your system. More information on ho...

CVSS 7.7 | AI score 6.9 | EPSS 0.00219 | Exploits 0

Amazon
added 2023/06/07 12:0 a.m. | 43 views

Important: python-pillow

Issue Overview: Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed. CVE-2014-9601 Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted...

CVSS 9.8 | AI score 8.3 | EPSS 0.00989 | Exploits 1

Amazon
added 2023/06/07 12:0 a.m. | 2 views

Medium: libssh

Issue Overview: A NULL pointer dereference was found in libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service. CVE-2023-1667 A vulnerability was found in libssh, where the authentication check of the connecting client can be...

CVSS 6.5 | AI score 6.5 | EPSS 0.01268 | Exploits 2

Amazon
added 2023/06/07 12:0 a.m. | 6 views

Important: python-flask

Issue Overview: Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one...

CVSS 7.5 | AI score 8.2 | EPSS 0.00215 | Exploits 1

Amazon
added 2023/06/07 12:0 a.m. | 4 views

Medium: wireshark

Issue Overview: RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file CVE-2023-1992 LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or...

CVSS 7.5 | AI score 6.6 | EPSS 0.00347 | Exploits 3

Amazon
added 2023/06/07 12:0 a.m. | 4 views

Important: libwebp

Issue Overview: A double-free in libwebp could have led to memory corruption and a potentially exploitable crash. CVE-2023-1999 Affected Packages: libwebp Issue Correction: Run dnf update libwebp --releasever 2023.0.20230607 or dnf update --advisory ALAS2023-2023-185 --releasever 2023.0.20230607 ...

CVSS 7.5 | AI score 7.8 | EPSS 0.00353 | Exploits 0

Amazon
added 2023/06/07 12:0 a.m. | 4 views

Important: libtasn1

Issue Overview: GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der. CVE-2021-46848 Affected Packages: libtasn1 Issue Correction: Run dnf update libtasn1 --releasever 2023.0.20230607 or dnf update --advisory ALAS2023-2023-201 --releasever...

CVSS 9.1 | AI score 7.7 | EPSS 0.0041 | Exploits 1

Amazon
added 2023/06/07 12:0 a.m. | 6 views

Important: c-ares

Issue Overview: A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity. CVE-2022-49...

CVSS 8.6 | AI score 7.4 | EPSS 0.00399 | Exploits 1

Amazon
added 2023/06/07 12:0 a.m. | 35 views

Medium: curl

Issue Overview: The curl advisory describes this issue as follows: curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the...

CVSS 9.8 | AI score 6.9 | EPSS 0.00148 | Exploits 6

Amazon
added 2023/06/07 12:0 a.m. | 4 views

Important: perl-CPAN

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31484 Affected Packages: perl-CPAN Issue Correction: Run dnf update perl-CPAN --releasever...

CVSS 8.1 | AI score 8 | EPSS 0.01523 | Exploits 1

Amazon
added 2023/06/07 12:0 a.m. | 29 views

Important: flatpak

Issue Overview: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other...

CVSS 8.8 | AI score 7.5 | EPSS 0.00061 | Exploits 0

Amazon
added 2023/06/07 12:0 a.m. | 34 views

Important: xmlrpc

Issue Overview: An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC aka ws-xmlrpc library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintain...

CVSS 9.8 | AI score 9.2 | EPSS 0.70524 | Exploits 2

Amazon
added 2023/06/07 12:0 a.m. | 31 views

Medium: poppler

Issue Overview: A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. CVE-2022-27337 Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in...

CVSS 7.8 | AI score 7.6 | EPSS 0.00237 | Exploits 4

Amazon
added 2023/06/07 12:0 a.m. | 3 views

Important: wireshark

Issue Overview: Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version between 4.0.0 to 4.0.5, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. NOTE:...

CVSS 7.5 | AI score 7.8 | EPSS 0.0335 | Exploits 10

Amazon
added 2023/06/07 12:0 a.m. | 21 views

Important: glusterfs

Issue Overview: In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read. CVE-2023-26253 Affected Packages: glusterfs Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between A...

CVSS 7.5 | AI score 7.9 | EPSS 0.00061 | Exploits 1

Amazon
added 2023/06/07 12:0 a.m. | 4 views

Important: byacc

Issue Overview: When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory (use after free). CVE-2021-33641 When a file is processed, an infinite loop occurs in next_inline of the more_curly function. CVE-2021-33642...

CVSS 7.8 | AI score 6.5 | EPSS 0.00117 | Exploits 0

Amazon
added 2023/06/07 12:0 a.m. | 27 views

Medium: OpenEXR

Issue Overview: A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability. CVE-2021-20298 A flaw foun...

CVSS 7.5 | AI score 6.5 | EPSS 0.01367 | Exploits 1

Amazon
added 2023/06/07 12:0 a.m. | 4 views

Important: sysstat

Issue Overview: sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. CVE-2023-33204 Affected Packages: sysstat Issue Correction: Run dnf update sysstat --releasever 2023.0.20230607 or...

CVSS 7.8 | AI score 7.5 | EPSS 0.01192 | Exploits 1

Amazon
added 2023/06/07 12:0 a.m. | 4 views

Medium: curl

Issue Overview: The curl advisory describes this issue as follows: curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the...

CVSS 9.8 | AI score 6.8 | EPSS 0.00148 | Exploits 6

Amazon
added 2023/06/07 12:0 a.m. | 26 views

Important: sysstat

Issue Overview: sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. CVE-2023-33204 Affected Packages: sysstat Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository...

CVSS 7.8 | AI score 7.6 | EPSS 0.01192 | Exploits 1

Amazon
added 2023/06/07 12:0 a.m. | 2 views

Medium: microcode_ctl

Issue Overview: Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access. CVE-2022-21216 Incorrect default permissions in some...

CVSS 7.5 | AI score 6.7 | EPSS 0.00055 | Exploits 0

Amazon
added 2023/06/07 12:0 a.m. | 6 views

Medium: snakeyaml

Issue Overview: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. CVE-2022-38750 Affected Packages: snakeyaml Issue...

CVSS 6.5 | AI score 6.7 | EPSS 0.00693 | Exploits 1

Total number of security vulnerabilities: 8699