Medium: openssh

Issue Overview: AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH which needs to be applied to both the client and the server in order to address this issue. We recommen...

Medium: openssh

Issue Overview: AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH which needs to be applied to both the client and the server in order to address this issue. We recommen...

Medium: squid

Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to...

Medium: jbig2dec

Issue Overview: Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability via jbig2error at /jbig2dec/jbig2.c. CVE-2023-46361 Affected Packages: jbig2dec Issue Correction: Run dnf update jbig2dec --releasever 2023.3.20231211 or dnf update --advisory ALAS2023-2023-451...

Low: vim

Issue Overview: Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit 25aabc2b which has been included in...

Medium: python-cryptography

Issue Overview: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling loadpempkcs7certificates or loadderpkcs7certificates could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of...

Important: libtiff

Issue Overview: An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. CVE-2023-6277 Affected Packages: libtiff Issue Correction: Run dnf update libtiff...

Medium: wireshark

Issue Overview: SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file CVE-2023-6174 A heap based buffer overflow in Wireshark's NetScreen file parser may lead to a local arbitrary code execution via a crafted capture file...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek CVE-2021-47432 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifsdebugdataprocshow CVE-2023-52752 In th...

Medium: perl

Issue Overview: A crafted regular expression when compiled by perl 5.30.0 through 5.38.0 can cause a one-byte attacker controlled buffer overflow in a heap allocated buffer. CVE-2023-47038 In Perl before 5.38.2, Sparseunipropstring in regcomp.c can write to unallocated space because a property na...

Medium: guava

Issue Overview: Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to...

Medium: avahi

Issue Overview: A reachable assertion was found in avahialternativehostname. CVE-2023-38473 Affected Packages: avahi Issue Correction: Run dnf update avahi --releasever 2023.3.20231211 or dnf update --advisory ALAS2023-2023-455 --releasever 2023.3.20231211 to update your system. More information ...

Medium: memcached

Issue Overview: In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring. CVE-2023-46852 In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is us...

Medium: python-cryptography

Issue Overview: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects su...

Medium: avahi

Issue Overview: A reachable assertion was found in avahirdataparse. CVE-2023-38472 Affected Packages: avahi Issue Correction: Run dnf update avahi --releasever 2023.3.20231211 or dnf update --advisory ALAS2023-2023-456 --releasever 2023.3.20231211 to update your system. More information on how to...

Medium: python-pillow

Issue Overview: An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw...

Medium: python-pip

Issue Overview: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call ie "--config". Controlling the Mercurial configuration can modify how...

Low: traceroute

Issue Overview: In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines. CVE-2023-46316 Affected Packages: traceroute Issue Correction: Run dnf update traceroute --releasever 2023.3.20231211 or dnf update --advisory ALAS2023-2023-452 --releasev...

Medium: openssl

Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...

Medium: python-urllib3

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a Cookie header and...

Low: shadow-utils

Issue Overview: A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve t...

Important: xorg-x11-server

Issue Overview: A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration a multi-screen setup with multiple protocol screens, also known as Zaphod mode. If the pointer is warped from a screen 1 to a screen 0, a use-after-free...

Medium: dotnet6.0

Issue Overview: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability CVE-2023-36049 ASP.NET Core - Security Feature Bypass Vulnerability CVE-2023-36558 Affected Packages: dotnet6.0 Issue Correction: Run dnf update dotnet6.0 --releasever 2023.3.20231211 or dnf update...

Medium: vim

Issue Overview: Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file src/exdocmd.c in the function docmdline at line 1010 and then used again in src/cmdhist...

Important: xorg-x11-server

Issue Overview: A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration a multi-screen setup with multiple protocol screens, also known as Zaphod mode. If the pointer is warped from a screen 1 to a screen 0, a use-after-free...

Medium: libXpm

Issue Overview: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer NOTE: https://www.openwall.com/lists/oss-security/2023/10/03/1 NOTE: Fixed by: https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/2fa554b01ef6079a9b35df9332bdc4f139ed67e0 CVE-2023-43788 Affected Packages: libXpm Issue...

Medium: openssl

Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...

Medium: samba

Issue Overview: When doing NTLM authentication, the client sends replies to cryptographic challenges back to the server. These replies have variable length. Winbind did not properly bounds-check the lan manager response length, which despite the lan manager version no longer being used is still...

Medium: libX11

Issue Overview: A vulnerability was found in libX11 due to an infinite loop within the PutSubImage function. This flaw allows a local user to consume all available system resources and cause a denial of service condition. CVE-2023-43786 Affected Packages: libX11 Issue Correction: Run yum update...

Medium: kernel

Issue Overview: A use-after-free flaw was found in vcsread in drivers/tty/vt/vcscreen.c in vcscreen in the Linux Kernel. In this flaw an attacker with local user access may lead to a system crash or a leak of internal kernel information. CVE-2023-3567 In the Linux kernel, the following...

Medium: amazon-efs-utils

Issue Overview: efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to...

Important: kernel

Issue Overview: A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. CVE-2023-3397 A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests...

Important: xorg-x11-server

Issue Overview: A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in...

Important: microcode_ctl

Issue Overview: An issue was found in redundant REX instruction prefix values affecting third generation Intel Xeon Scalable “Icelake“ processors. The issue may allow a local third-party actor using such instructions to cause a denial of service DOS or achieve privilege escalation. CVE-2023-23583...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header CVE-2023-52843 In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe CVE-2023-52846 In the Linux...

Medium: libarchive

Issue Overview: An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extra...

Medium: python-wheel

Issue Overview: An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. CVE-2022-40898 Affected Packages: python-wheel Note: This advisory is applicable to Amazon Linux 2 AL2...

Medium: python-pip

Issue Overview: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call ie "--config". Controlling the Mercurial configuration can modify how...

Medium: wireshark

Issue Overview: A heap based buffer overflow in Wireshark's NetScreen file parser may lead to a local arbitrary code execution via a crafted capture file. CVE-2023-6175 Affected Packages: wireshark Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for...

Low: containerd

Issue Overview: Containerd is not affected by CVE-2023-39325. While it contains the affected module, it does not use it in a way that exposes users to CVE-2023-39325. Affected Packages: containerd Issue Correction: Run yum update containerd or yum update --advisory ALAS-2023-1888 to update your...

Important: compat-libtiff3

Issue Overview: An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. CVE-2023-6277 Affected Packages: compat-libtiff3 Note: This advisory is applicable to...

Low: gawk

Issue Overview: A heap out-of-bounds read flaw was found in builtin.c in the gawk package which may result in a crash of the software. CVE-2023-4156 Affected Packages: gawk Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between A...

Important: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a...

Important: gstreamer1-plugins-bad-free

Issue Overview: gstreamer: AV1 codec parser heap-based buffer overflow CVE-2023-44429 gstreamer: MXF demuxer use-after-free vulnerability CVE-2023-44446 Affected Packages: gstreamer1-plugins-bad-free Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section f...

Medium: jettison

Issue Overview: Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of servic...

Important: xorg-x11-server

Issue Overview: A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration a multi-screen setup with multiple protocol screens, also known as Zaphod mode. If the pointer is warped from a screen 1 to a screen 0, a use-after-free...

Important: kernel-livepatch-5.10.192-182.736

Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 A use-after-free vulnerability in the Linux kernel's netfilter: nftables compone...

Medium: mailman

Issue Overview: In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS. CVE-2021-43331 In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password...

Low: gmp

Issue Overview: A flaw was found in gmp. An integer overflow vulnerability could allow an attacker to input an integer value leading to a crash. The highest threat from this vulnerability is to system availability. CVE-2021-43618 Affected Packages: gmp Note: This advisory is applicable to Amazon...

Low: libarchive

Issue Overview: In libarchive 3.6.1, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference or, in some cases, even arbitrary code execution. CVE-2022-36227 Affected...