
8699 matches found

Amazon
added 2023/05/31 12:00 a.m. | 22 views

Medium: tar

Issue Overview: pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. CVE-2019-9923 Affected Packages: tar Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ sectio...

CVSS 7.5 | AI score 7.4 | EPSS 0.004 | Exploits: 0

Amazon
added 2023/05/31 12:00 a.m. | 26 views

Important: squid

Issue Overview: An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. Th...

CVSS 7.5 | AI score 7.1 | EPSS 0.01544 | Exploits: 0

Amazon
added 2023/05/31 12:00 a.m. | 24 views

Important: jettison

Issue Overview: An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown. CVE-2023-1436 Affected Packages: jettison Note: This advisory is...

CVSS 7.5 | AI score 6.7 | EPSS 0.00122 | Exploits: 1

Amazon
added 2023/05/31 12:00 a.m. | 28 views

Low: qemu

Issue Overview: An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulti...

CVSS 6.5 | AI score 6.5 | EPSS 0.00089 | Exploits: 0

Amazon
added 2023/05/24 12:00 a.m. | 4 views

Medium: kernel

Issue Overview: bpf: incorrect verifier pruning due to missing register precision taints, which may lead to out-of-band read/write access due to an incorrect verifier conclusion. CVE-2023-2163 qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write...

CVSS 10 | AI score 7 | EPSS 0.002 | Exploits: 0

Amazon
added 2023/05/24 12:00 a.m. | 3 views

Important: perl

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31484 Affected Packages: perl Issue Correction: Run dnf update perl --releasever 2023.0.20230517 o...

CVSS 8.1 | AI score 8 | EPSS 0.01523 | Exploits: 1

Amazon
added 2023/05/24 12:00 a.m. | 4 views

Medium: git

Issue Overview: Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to git apply --reject, a path outside the working tree can be overwritten with partially controlled...

CVSS 7.8 | AI score 8.1 | EPSS 0.03559 | Exploits: 2

Amazon
added 2023/05/24 12:00 a.m. | 4 views

Medium: openssl

Issue Overview: A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers...

CVSS 7.5 | AI score 7 | EPSS 0.00714 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 27 views

Medium: qt5-qtbase

Issue Overview: When using the Qt SQL ODBC driver plugin, then it is possible to trigger a DOS with a specifically crafted string RESERVED NOTE: https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin NOTE: https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d 6....

CVSS 7.5 | AI score 7.2 | EPSS 0.00354 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 43 views

Medium: kernel

Issue Overview: A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. CVE-2023-2513 qfq_change_class in...

CVSS 7.8 | AI score 6.8 | EPSS 0.00031 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 56 views

Important: glib2

Issue Overview: In GNOME GLib 2.56.1, g_markup_parse_context_end_parse in gmarkup.c has a NULL pointer dereference. CVE-2018-16428 GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse in gmarkup.c, related to utf8_str. CVE-2018-16429 Affected Packages: glib2 Note: This...

CVSS 9.8 | AI score 8.2 | EPSS 0.00693 | Exploits: 2

Amazon
added 2023/05/16 12:00 a.m. | 26 views

Medium: kernel

Issue Overview: A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. CVE-2023-2513 qfq_change_class in...

CVSS 7.8 | AI score 6.8 | EPSS 0.00031 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 6 views

Medium: kernel

Issue Overview: bpf: incorrect verifier pruning due to missing register precision taints, which may lead to out-of-band read/write access due to an incorrect verifier conclusion. CVE-2023-2163 A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the...

CVSS 10 | AI score 6.5 | EPSS 0.002 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 3 views

Medium: kernel

Issue Overview: bpf: incorrect verifier pruning due to missing register precision taints, which may lead to out-of-band read/write access due to an incorrect verifier conclusion. CVE-2023-2163 A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the...

CVSS 10 | AI score 6.5 | EPSS 0.002 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 78 views

Medium: openssl11

Issue Overview: A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers...

CVSS 7.5 | AI score 6.8 | EPSS 0.00714 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 2 views

Medium: kernel

Issue Overview: bpf: incorrect verifier pruning due to missing register precision taints, which may lead to out-of-band read/write access due to an incorrect verifier conclusion. CVE-2023-2163 qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write...

CVSS 10 | AI score 6.9 | EPSS 0.002 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 17 views

Important: tigervnc

Issue Overview: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read and write into freed memory. This can lead to local privilege elevation on systems where the X...

CVSS 7.8 | AI score 8.2 | EPSS 0.00711 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 30 views

Medium: ImageMagick

Issue Overview: A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulti...

CVSS 5.5 | AI score 5.8 | EPSS 0.0011 | Exploits: 1

Amazon
added 2023/05/16 12:00 a.m. | 62 views

Medium: libwebp

Issue Overview: 2023-08-03: CVE-2018-25014 was added to this advisory. A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes. CVE-2018-25013 A flaw was found in libwebp. An uninitialized variable is used in function ReadSymbol. The highest threat from this...

CVSS 9.8 | AI score 8.3 | EPSS 0.00575 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 61 views

Important: tomcat

Issue Overview: A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker without access to the Tomcat process or configuration files could be able to manipulate the RMI registry to perform a man-in-the-middle attack. The attacker could...

CVSS 7.5 | AI score 7 | EPSS 0.92155 | Exploits: 1

Amazon
added 2023/05/16 12:00 a.m. | 24 views

Important: wireshark

Issue Overview: TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE-2023-0412 Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet...

CVSS 7.1 | AI score 7 | EPSS 0.00341 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 76 views

Important: golang

Issue Overview: HTTP and MIME header parsing could allocate large amounts of memory, even when parsing small inputs. Certain unusual patterns of input data could cause the common function used to parse HTTP and MIME headers to allocate substantially more memory than required to hold the parsed...

CVSS 7.5 | AI score 6.8 | EPSS 0.00162 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 35 views

Important: libksba

Issue Overview: Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser. CVE-2022-47629 Affected Packages: libksba Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

CVSS 9.8 | AI score 8.4 | EPSS 0.0146 | Exploits: 2

Amazon
added 2023/05/16 12:00 a.m. | 33 views

Important: perl

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31484 Affected Packages: perl Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

CVSS 8.1 | AI score 8.1 | EPSS 0.01523 | Exploits: 1

Amazon
added 2023/05/16 12:00 a.m. | 23 views

Important: gd

Issue Overview: DISPUTED gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library aka LibGD through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete, and should only be used for development and...

CVSS 7.5 | AI score 6.5 | EPSS 0.00588 | Exploits: 1

Amazon
added 2023/05/16 12:00 a.m. | 84 views

Medium: libssh2

Issue Overview: An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. CVE-2019-3859 An out of...

CVSS 9.1 | AI score 7.9 | EPSS 0.01176 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 65 views

Medium: libwebp

Issue Overview: A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes. CVE-2018-25013 Affected Packages: libwebp Issue Correction: Run yum update libwebp or yum update --advisory ALAS-2023-1748 to update your system. New Packages: i686: ...

CVSS 9.1 | AI score 8.4 | EPSS 0.00575 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 41 views

Important: samba

Issue Overview: Netlogon RPC Elevation of Privilege Vulnerability. CVE-2022-38023 Affected Packages: samba Issue Correction: Run yum update samba or yum update --advisory ALAS-2023-1747 to update your system. New Packages: i686: libsmbclient-4.10.16-24.66.amzn1.i686 ...

CVSS 8.1 | AI score 7.1 | EPSS 0.00464 | Exploits: 0

Amazon
added 2023/05/16 12:00 a.m. | 26 views

Important: glib2

Issue Overview: GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse in gmarkup.c, related to utf8_str. CVE-2018-16429 Affected Packages: glib2 Issue Correction: Run yum update glib2 or yum update --advisory ALAS-2023-1749 to update your system. New Packages: i686:...

CVSS 7.5 | AI score 8.9 | EPSS 0.00413 | Exploits: 1

Amazon
added 2023/05/16 12:00 a.m. | 18 views

Medium: inkscape

Issue Overview: Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information. CVE-2021-42700 Inkscape version 0.91 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized information...

CVSS 7.8 | AI score 5.1 | EPSS 0.00394 | Exploits: 3

Amazon
added 2023/05/16 12:00 a.m. | 38 views

Important: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficul...

CVSS 7.4 | AI score 6.4 | EPSS 0.01156 | Exploits: 1

Amazon
added 2023/05/16 12:00 a.m. | 24 views

Medium: jdom

Issue Overview: An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. CVE-2021-33813 Affected Packages: jdom Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference...

CVSS 7.5 | AI score 6.5 | EPSS 0.01393 | Exploits: 1

Amazon
added 2023/05/16 12:00 a.m. | 51 views

Important: samba

Issue Overview: Netlogon RPC Elevation of Privilege Vulnerability. CVE-2022-38023 Affected Packages: samba Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum updat...

CVSS 8.1 | AI score 7.1 | EPSS 0.00464 | Exploits: 0

Amazon
added 2023/05/09 12:00 a.m. | 2 views

Important: kernel-livepatch-6.1.19-30.43

Issue Overview: A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel. This flaw allows an attacker to crash the system and possibly cause a kernel information lea CVE-2023-1611 do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6...

CVSS 7 | AI score 8.3 | EPSS 0.00021 | Exploits: 0

Amazon
added 2023/05/09 12:00 a.m. | 2 views

Important: kernel-livepatch-6.1.12-19.43

Issue Overview: In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure for registering the sysctl table under a new location during the renaming of a device. CVE-2023-26545 Affected Packages: kernel-livepatch-6.1.12-19.43 Issue Correction: Please...

CVSS 4.7 | AI score 6.7 | EPSS 0.00015 | Exploits: 0

Amazon
added 2023/05/09 12:00 a.m. | 4 views

Important: kernel-livepatch-6.1.15-28.43

Issue Overview: kernel: Type confusion in pick_next_rt_entity, which can result in memory corruption. CVE-2023-1077 A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel. This flaw allows an attacker to crash the system and possibly cause a kernel...

CVSS 7 | AI score 6.9 | EPSS 0.00024 | Exploits: 0

Amazon
added 2023/05/03 12:00 a.m. | 7 views

Important: apache-ivy

Issue Overview: A flaw was found in Apache Ivy. With Apache Ivy 2.4.0, an optional packaging attribute was introduced that allows artifacts to be unpacked on the fly if pack200 or zip packaging was used. This issue could allow a malicious user to have unwanted access. Ivy users of version 2.4.0 t...

CVSS 9.1 | AI score 8.1 | EPSS 0.00798 | Exploits: 0

Amazon
added 2023/05/03 12:00 a.m. | 2 views

Important: ghostscript

Issue Overview: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than ful...

CVSS 9.8 | AI score 9.1 | EPSS 0.27763 | Exploits: 1

Amazon
added 2023/05/03 12:00 a.m. | 33 views

Important: ghostscript

Issue Overview: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than ful...

CVSS 9.8 | AI score 9.2 | EPSS 0.27763 | Exploits: 1

Amazon
added 2023/05/03 12:00 a.m. | 8 views

Important: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficul...

CVSS 7.4 | AI score 6.4 | EPSS 0.01156 | Exploits: 1

Amazon
added 2023/05/03 12:00 a.m. | 62 views

Medium: libxml2

Issue Overview: parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. CVE-2017-16931 GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in...

CVSS 9.8 | AI score 7.8 | EPSS 0.01443 | Exploits: 8

Amazon
added 2023/05/03 12:00 a.m. | 4 views

Important: ecs-service-connect-agent

Issue Overview: Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the client may bypass JSON Web Token JWT checks and forge fake original paths. The header x-envoy-original-path should be an interna...

CVSS 9.8 | AI score 7.2 | EPSS 0.00032 | Exploits: 6

Amazon
added 2023/05/03 12:00 a.m. | 3 views

Important: nasm

Issue Overview: NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake asm/nasm.c:856 CVE-2022-44370 Affected Packages: nasm Issue Correction: Run dnf update nasm --releasever 2023.0.20230503 or dnf update --advisory ALAS2023-2023-172 --releasever 2023.0.202305...

CVSS 7.8 | AI score 7.7 | EPSS 0.00058 | Exploits: 1

Amazon
added 2023/05/03 12:00 a.m. | 5 views

Important: golang

Issue Overview: Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. CVE-2022-23772 cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This...

CVSS 9.8 | AI score 7.9 | EPSS 0.00759 | Exploits: 2

Amazon
added 2023/05/03 12:00 a.m. | 3 views

Medium: ImageMagick

Issue Overview: Possible heap-based buffer overflow attack in ImportMultiSpectralQuantum in MagickCore/quantum-import.c for ImageMagick CVE-2023-1906 Affected Packages: ImageMagick Issue Correction: Run dnf update ImageMagick --releasever 2023.0.20230503 or dnf update --advisory ALAS2023-2023-170...

CVSS 5.5 | AI score 5.7 | EPSS 0.00036 | Exploits: 1

Amazon
added 2023/05/03 12:00 a.m. | 2 views

Important: tomcat9

Issue Overview: The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing but extremely hard to trigger concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5...

CVSS 7.5 | AI score 7.2 | EPSS 0.00889 | Exploits: 0

Amazon
added 2023/05/03 12:00 a.m. | 20 views

Important: kernel

Issue Overview: An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure with a dirty log journal. This flaw allows a local user to crash or potentially escalate their privileges on the system. CVE-2023-2124 In the Linux...

CVSS 7.8 | AI score 6.3 | EPSS 0.00046 | Exploits: 1

Amazon
added 2023/05/03 12:00 a.m. | 58 views

Important: glib2

Issue Overview: In GNOME GLib 2.56.1, g_markup_parse_context_end_parse in gmarkup.c has a NULL pointer dereference. CVE-2018-16428 GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse in gmarkup.c, related to utf8_str. CVE-2018-16429 The keyfile settings backend in GNOM...

CVSS 9.8 | AI score 6.9 | EPSS 0.01578 | Exploits: 4

Amazon
added 2023/05/03 12:00 a.m. | 32 views

Important: privoxy

Issue Overview: A flaw was found in privoxy before 3.0.32. An invalid read of size two may occur in chunked_body_is_complete leading to denial of service. CVE-2021-20275 A vulnerability was found in Privoxy which was fixed in get_url_spec_param by freeing memory of compiled pattern spec before bailing...

CVSS 7.5 | AI score 7.5 | EPSS 0.02553 | Exploits: 0

Amazon
added 2023/05/03 12:00 a.m. | 61 views

Important: tomcat7

Issue Overview: 2023-05-11: CVE-2017-12616 was added to this advisory. When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted...

CVSS 7.5 | AI score 7.4 | EPSS 0.90641 | Exploits: 5

Total number of security vulnerabilities: 8699