Important: libtiff

Issue Overview: An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. CVE-2023-6277 Affected Packages: libtiff Note: This advisory is applicable to Amazon...

Medium: libX11

Issue Overview: A vulnerability was found in libX11 due to an infinite loop within the PutSubImage function. This flaw allows a local user to consume all available system resources and cause a denial of service condition. CVE-2023-43786 Affected Packages: libX11 Note: This advisory is applicable ...

Medium: openssl-snapsafe

Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...

Medium: openssl11

Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...

Medium: zbar

Issue Overview: A heap-based buffer overflow exists in the qrreadermatchcenters function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare...

Medium: indent

Issue Overview: GNU indent 2.2.13 has a heap-based buffer overflow in searchbrace in indent.c via a crafted file. CVE-2023-40305 Affected Packages: indent Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

Low: binutils

Issue Overview: An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangletype in rust-demangle.c. CVE-2021-32256 Affected Packages: binutils Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ sectio...

Medium: virtuoso-opensource

Issue Overview: An issue in the libcmalloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements. CVE-2023-31607 An issue in the dfeunitcolloci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Deni...

Medium: kernel

Issue Overview: A use-after-free flaw was found in vcsread in drivers/tty/vt/vcscreen.c in vcscreen in the Linux Kernel. In this flaw an attacker with local user access may lead to a system crash or a leak of internal kernel information. CVE-2023-3567 In the Linux kernel, the following...

Important: kernel-livepatch-4.14.322-244.539

Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 Affected Packages: kernel-livepatch-4.14.322-244.539 Issue Correction: Please...

Low: advancecomp

Issue Overview: advancecomp has a segmentation fault on invalid MNG size CVE-2023-2961 Affected Packages: advancecomp Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Ru...

Important: php

Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state...

Medium: glibc

Issue Overview: The mqnotify function in the GNU C Library aka glibc has a use-after-free. It may use the notification thread attributes object passed through its struct sigevent parameter after it has been freed by the caller, leading to a denial of service application crash or possibly...

Medium: avahi

Issue Overview: A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the clientwork function, allowing a local attacker to trigger an infinite loop. The highest threat from this...

Medium: dovecot

Issue Overview: An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect usernamefilter and mechanism settings can be applied to passdb definitions. These incorrectly applied...

Medium: openssl

Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...

Important: squid

Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1...

Important: kernel-livepatch-5.10.192-183.736

Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 A use-after-free vulnerability in the Linux kernel's netfilter: nftables compone...

Low: uriparser

Issue Overview: An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. CVE-2021-46142 Affected Packages: uriparser Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2...

Important: kernel-livepatch-5.10.196-185.743

Issue Overview: A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. We recommend upgrading past comm...

Medium: net-snmp

Issue Overview: A flaw was found in net-snmp. A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access issue. CVE-2022-24805 A flaw was found in net-snmp. This issue occurs due to improper input validation when simultaneously setting malformed...

Low: vim

Issue Overview: Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit 25aabc2b which has been included in...

Medium: samba

Issue Overview: When doing NTLM authentication, the client sends replies to cryptographic challenges back to the server. These replies have variable length. Winbind did not properly bounds-check the lan manager response length, which despite the lan manager version no longer being used is still...

Important: kernel-livepatch-4.14.322-246.539

Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 Affected Packages: kernel-livepatch-4.14.322-246.539 Issue Correction: Please...

Important: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a...

Important: firefox

Issue Overview: A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash. Note: This advisory was added on December 13th, 2022 after discovering it was...

Medium: containerd

Issue Overview: A flaw was found in containerd. Access controls for the shim API socket verified that a connecting process had an effective UID of 0, but otherwise did not restrict access to the abstract Unix domain socket. This could allow malicious containers running in the same network namespa...

Important: kernel

Issue Overview: A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. CVE-2023-3397 An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO...

Medium: containerd

Issue Overview: containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to...

Important: kernel

Issue Overview: An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kern...

Medium: containerd

Issue Overview: The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Image Specification, the manifest and index documents were not self-describing and documents with a single digest could be interpreted as either a manife...

Medium: containerd

Issue Overview: A flaw was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host's filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to...

Medium: containerd

Issue Overview: A flaw was found in Moby Docker Engine, where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when...

Medium: containerd

Issue Overview: In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. CVE-2022-27664 Affected Packages: containerd Note: This advisory is applicable to...

Medium: containerd

Issue Overview: In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. CVE-2022-27664 Affected Packages: containerd Note: This advisory is applicable to...

Important: kernel

Issue Overview: A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. CVE-2023-3397 In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to...

Medium: docker

Issue Overview: The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Image Specification, the manifest and index documents were not self-describing and documents with a single digest could be interpreted as either a manife...

Medium: containerd

Issue Overview: A bug was found in containerd where containers launched through containerd's CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on...

Medium: ruby

Issue Overview: A flaw was found in ruby, where the date object was found to be vulnerable to a regular expression denial of service ReDoS during the parsing of dates. This flaw allows an attacker to hang a ruby application by providing a specially crafted date string. The highest threat to this...

Medium: vim

Issue Overview: Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file src/exdocmd.c in the function docmdline at line 1010 and then used again in src/cmdhist...

Important: kernel

Issue Overview: A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. CVE-2023-3397 In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to...

Medium: re2c

Issue Overview: A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc. CVE-2022-23901 Affected Packages: re2c Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...

Important: microcode_ctl

Issue Overview: An issue was found in redundant REX instruction prefix values affecting third generation Intel Xeon Scalable “Icelake“ processors. The issue may allow a local third-party actor using such instructions to cause a denial of service DOS or achieve privilege escalation. CVE-2023-23583...

Important: thunderbird

Issue Overview: The Mozilla Foundation Security Advisory describes this flaw as: It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. CVE-2023-5721 The Mozilla Foundation Security Advisory describ...

Important: qt5-qtimageformats

Issue Overview: Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical CVE-2023-4863 Affected Packages: qt5-qtimageformats Note: This advisory is...

Important: nerdctl

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 Text nodes not in the HTML namespace are incorrectly literally rendered,...

Medium: qemu

Issue Overview: A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L...

Medium: amazon-efs-utils

Issue Overview: efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to...

Important: xorg-x11-server

Issue Overview: A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in...

Medium: ctags

Issue Overview: A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls...