Important: gnutls

Issue Overview: A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. This side-channel may be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, the attacker wou...

Important: openldap

Issue Overview: An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered...

Medium: redis6

Issue Overview: Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10...

Important: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficul...

Important: java-1.8.0-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficul...

Important: kernel

Issue Overview: 2023-06-29: CVE-2023-33203 was added to this advisory. 2023-06-07: CVE-2023-1838 was added to this advisory. The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an...

Important: openldap

Issue Overview: In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion ... NOTE: https://bugs.openldap.org/showbug.cgi?id=9454 NOTE: trunk: https://git.openldap.org/openldap/openldap/-/commit/3539fc33212b528c56b716584f2c2994af7c30b0 NOTE: RELENG 2.4.x:...

Medium: libwebp

Issue Overview: A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability. CVE-2020-36330 A flaw was found in libwebp in versions...

Medium: libxml2

Issue Overview: A NULL pointer dereference exists when parsing invalid XML schemas in libxml2 xmlSchemaCheckCOSSTDerivedOK CVE-2023-28484 libxml2 Hashing of empty dict strings isn't deterministic. When hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce...

Important: nss

Issue Overview: firefox-esr , thunderbird and nss only are affected by this package. CVE-2023-0767 Affected Packages: nss Issue Correction: Run yum update nss or yum update --advisory ALAS-2023-1736 to update your system. New Packages: i686: nss-sysinit-3.53.1-7.88.amzn1.i686 ...

Important: nasm

Issue Overview: NASM v2.16 was discovered to contain a heap buffer overflow in the component quoteforpmake asm/nasm.c:856 CVE-2022-44370 Affected Packages: nasm Issue Correction: Run yum update nasm or yum update --advisory ALAS-2023-1737 to update your system. New Packages: i686: ...

Medium: future

Issue Overview: An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server. CVE-2022-40899 Affected Packages: future Issue Correction: Run dnf update future --releasever...

Important: ghostscript

Issue Overview: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than ful...

Medium: ldns

Issue Overview: When ldns version 1.7.1 verifies a zone file, the ldnsrrnewfrmstrinternal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload. CVE-2020-19860 Affected Packages: ldns Note: This advisory is applicabl...

Medium: pcs

Issue Overview: The Ruby on Rails advisory describes this vulnerability as follows: Carefully crafted input can cause header parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse headers using Rack virtually all...

Important: tomcat

Issue Overview: When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request. CVE-2017-12616 When using the RemoteIpFilter with...

Important: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficul...

Medium: libxml2

Issue Overview: A NULL pointer dereference exists when parsing invalid XML schemas in libxml2 xmlSchemaCheckCOSSTDerivedOK CVE-2023-28484 libxml2 Hashing of empty dict strings isn't deterministic. When hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce...

Important: openldap

Issue Overview: An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered...

Low: screen

Issue Overview: socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process. CVE-2023-24626 Affected...

Important: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficul...

Medium: golang

Issue Overview: Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow. CVE-2023-24537 Affected Packages: golang Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository...

Important: xstream

Issue Overview: XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new...

Important: nasm

Issue Overview: NASM v2.16 was discovered to contain a heap buffer overflow in the component quoteforpmake asm/nasm.c:856 CVE-2022-44370 Affected Packages: nasm Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and...

Medium: libwebp

Issue Overview: A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability. CVE-2020-36330 A flaw was found in libwebp in versions...

Important: kernel

Issue Overview: A use-after-free flaw was found in vhostnetsetbackend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem. CVE-2023-1838...

Important: thunderbird

Issue Overview: The Mozilla Foundation describes this issue as follows: OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug. CVE-2023-054...

Medium: docker

Issue Overview: A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the supplementary group access setup. CVE-2022-36109 Docker version 20.10.15, build fd82621 is vulnerable to Insecure Permissions. Unauthorized users outside the Docker...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data-races in procdou8vecminmax. CVE-2022-49634 An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure with a dirty log...

Important: java-1.8.0-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficul...

Important: kernel

Issue Overview: An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure with a dirty log journal. This flaw allows a local user to crash or potentially escalate their privileges on the system. CVE-2023-2124 In the Linux...

Important: kernel

Issue Overview: A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory i...

Important: tomcat8

Issue Overview: The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing but extremely hard to trigger concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5...

Medium: ImageMagick

Issue Overview: A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulti...

Medium: curl

Issue Overview: The curl advisory describes this issue as follows: curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the...

Important: golang

Issue Overview: Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After fix, ReverseProxy...

Medium: curl

Issue Overview: A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP proxies can deny these tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific SMB or...

Important: emacs

Issue Overview: org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. CVE-2023-28617 Affected Packages: emacs Note: This advisory is applicable to Amazon...

Important: liblouis

Issue Overview: Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the loulogFile function at logginc.c endpoint. CVE-2023-26767 Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of...

Important: pki-core

Issue Overview: Access to external entities when parsing XML documents can lead to XML external entity XXE attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests. CVE-2022-2414 Affected Packages: pki-core Note:...

Important: golang

Issue Overview: Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either "..com" or "..exe" by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset. CVE-2022-30580 Infinite loop in...

Important: jasper

Issue Overview: A flaw was found in the Jasper tool's jpc encoder. This flaw allows an attacker to craft input provided to Jasper, causing an arbitrary out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2020-27828 ...

Medium: mysql-connector-java

Issue Overview: Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

Important: jasper

Issue Overview: A flaw was found in the Jasper tool's jpc encoder. This flaw allows an attacker to craft input provided to Jasper, causing an arbitrary out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2020-27828 ...

Medium: dbus

Issue Overview: An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. CVE-2022-42010 An...

Medium: pkgconf

Issue Overview: In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes. CVE-2023-24056 Affected Packages: pkgconf...

Medium: kernel

Issue Overview: A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress using TC action "mirred" a local unprivileged user could trigger a CPU soft lockup ABBA deadlock when the transport protocol in use TC...

Important: bind

Issue Overview: By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. CVE-2022-2795 A flaw was found in the Bind package, where the resolver ca...

Important: ruby3.2

Issue Overview: A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 a...

Important: kernel-livepatch-5.10.165-143.735

Issue Overview: kernel: Type confusion in picknextrtentity, which can result in memory corruption. CVE-2023-1077 dotlsgetsockopt in net/tls/tlsmain.c in the Linux kernel through 6.2.6 lacks a locksock call, leading to a race condition with a resultant use-after-free or NULL pointer dereference...