8850 matches found
Important: kernel-livepatch-6.1.49-69.116
Issue Overview: An integer overflow in kmallocreserve in the Linux kernel may allow a local user to crash the system, or in some cases obtain code execution in kernel space. CVE-2023-42752 An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel...
Important: kernel-livepatch-6.1.55-75.123
Issue Overview: x86: KVM: SVM: always update the x2avic msr interception CVE-2023-5090 A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same...
Important: kernel-livepatch-6.1.56-82.125
Issue Overview: x86: KVM: SVM: always update the x2avic msr interception CVE-2023-5090 A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve local privilege escalation. If perfreadgroup is called while an event's...
Important: kernel-livepatch-6.1.49-70.116
Issue Overview: An integer overflow in kmallocreserve in the Linux kernel may allow a local user to crash the system, or in some cases obtain code execution in kernel space. CVE-2023-42752 An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel...
Important: kernel-livepatch-6.1.59-84.139
Issue Overview: x86: KVM: SVM: always update the x2avic msr interception CVE-2023-5090 A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve local privilege escalation. If perfreadgroup is called while an event's...
Important: kernel-livepatch-6.1.61-85.141
Issue Overview: A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The function nfttransgccatchall did not remove the catchall set element from the catchalllist when the argument sync is true, making it possib...
Medium: openssh
Issue Overview: AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH which needs to be applied to both the client and the server in order to address this issue. We recommen...
Medium: openssh
Issue Overview: AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH which needs to be applied to both the client and the server in order to address this issue. We recommen...
Medium: jbig2dec
Issue Overview: Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability via jbig2error at /jbig2dec/jbig2.c. CVE-2023-46361 Affected Packages: jbig2dec Issue Correction: Run dnf update jbig2dec --releasever 2023.3.20231211 or dnf update --advisory ALAS2023-2023-451...
Medium: wireshark
Issue Overview: SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file CVE-2023-6174 A heap based buffer overflow in Wireshark's NetScreen file parser may lead to a local arbitrary code execution via a crafted capture file...
Medium: python-pillow
Issue Overview: An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw...
Medium: python-pip
Issue Overview: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call ie "--config". Controlling the Mercurial configuration can modify how...
Important: xorg-x11-server
Issue Overview: A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration a multi-screen setup with multiple protocol screens, also known as Zaphod mode. If the pointer is warped from a screen 1 to a screen 0, a use-after-free...
Medium: memcached
Issue Overview: In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring. CVE-2023-46852 In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is us...
Low: traceroute
Issue Overview: In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines. CVE-2023-46316 Affected Packages: traceroute Issue Correction: Run dnf update traceroute --releasever 2023.3.20231211 or dnf update --advisory ALAS2023-2023-452 --releasev...
Important: libtiff
Issue Overview: An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. CVE-2023-6277 Affected Packages: libtiff Issue Correction: Run dnf update libtiff...
Medium: guava
Issue Overview: Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to...
Low: vim
Issue Overview: Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit 25aabc2b which has been included in...
Medium: python-urllib3
Issue Overview: urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a Cookie header and...
Medium: avahi
Issue Overview: A reachable assertion was found in avahirdataparse. CVE-2023-38472 Affected Packages: avahi Issue Correction: Run dnf update avahi --releasever 2023.3.20231211 or dnf update --advisory ALAS2023-2023-456 --releasever 2023.3.20231211 to update your system. More information on how to...
Medium: avahi
Issue Overview: A reachable assertion was found in avahialternativehostname. CVE-2023-38473 Affected Packages: avahi Issue Correction: Run dnf update avahi --releasever 2023.3.20231211 or dnf update --advisory ALAS2023-2023-455 --releasever 2023.3.20231211 to update your system. More information ...
Medium: python-cryptography
Issue Overview: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling loadpempkcs7certificates or loadderpkcs7certificates could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of...
Medium: dotnet6.0
Issue Overview: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability CVE-2023-36049 ASP.NET Core - Security Feature Bypass Vulnerability CVE-2023-36558 Affected Packages: dotnet6.0 Issue Correction: Run dnf update dotnet6.0 --releasever 2023.3.20231211 or dnf update...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek CVE-2021-47432 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifsdebugdataprocshow CVE-2023-52752 In th...
Medium: squid
Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to...
Medium: python-cryptography
Issue Overview: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects su...
Low: shadow-utils
Issue Overview: A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve t...
Medium: openssl
Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...
Medium: perl
Issue Overview: A crafted regular expression when compiled by perl 5.30.0 through 5.38.0 can cause a one-byte attacker controlled buffer overflow in a heap allocated buffer. CVE-2023-47038 In Perl before 5.38.2, Sparseunipropstring in regcomp.c can write to unallocated space because a property na...
Medium: libXpm
Issue Overview: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer NOTE: https://www.openwall.com/lists/oss-security/2023/10/03/1 NOTE: Fixed by: https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/2fa554b01ef6079a9b35df9332bdc4f139ed67e0 CVE-2023-43788 Affected Packages: libXpm Issue...
Medium: samba
Issue Overview: When doing NTLM authentication, the client sends replies to cryptographic challenges back to the server. These replies have variable length. Winbind did not properly bounds-check the lan manager response length, which despite the lan manager version no longer being used is still...
Important: xorg-x11-server
Issue Overview: A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration a multi-screen setup with multiple protocol screens, also known as Zaphod mode. If the pointer is warped from a screen 1 to a screen 0, a use-after-free...
Medium: vim
Issue Overview: Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file src/exdocmd.c in the function docmdline at line 1010 and then used again in src/cmdhist...
Medium: openssl
Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...
Medium: libX11
Issue Overview: A vulnerability was found in libX11 due to an infinite loop within the PutSubImage function. This flaw allows a local user to consume all available system resources and cause a denial of service condition. CVE-2023-43786 Affected Packages: libX11 Issue Correction: Run yum update...
Medium: kernel
Issue Overview: A use-after-free flaw was found in vcsread in drivers/tty/vt/vcscreen.c in vcscreen in the Linux Kernel. In this flaw an attacker with local user access may lead to a system crash or a leak of internal kernel information. CVE-2023-3567 In the Linux kernel, the following...
Medium: wireshark
Issue Overview: A heap based buffer overflow in Wireshark's NetScreen file parser may lead to a local arbitrary code execution via a crafted capture file. CVE-2023-6175 Affected Packages: wireshark Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for...
Important: kernel-livepatch-5.10.196-185.743
Issue Overview: A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. We recommend upgrading past comm...
Medium: indent
Issue Overview: GNU indent 2.2.13 has a heap-based buffer overflow in searchbrace in indent.c via a crafted file. CVE-2023-40305 Affected Packages: indent Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...
Medium: zbar
Issue Overview: A heap-based buffer overflow exists in the qrreadermatchcenters function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare...
Medium: kernel
Issue Overview: A use-after-free flaw was found in vcsread in drivers/tty/vt/vcscreen.c in vcscreen in the Linux Kernel. In this flaw an attacker with local user access may lead to a system crash or a leak of internal kernel information. CVE-2023-3567 In the Linux kernel, the following...
Medium: samba
Issue Overview: When doing NTLM authentication, the client sends replies to cryptographic challenges back to the server. These replies have variable length. Winbind did not properly bounds-check the lan manager response length, which despite the lan manager version no longer being used is still...
Medium: python-pip
Issue Overview: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call ie "--config". Controlling the Mercurial configuration can modify how...
Low: binutils
Issue Overview: An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangletype in rust-demangle.c. CVE-2021-32256 Affected Packages: binutils Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ sectio...
Low: gmp
Issue Overview: A flaw was found in gmp. An integer overflow vulnerability could allow an attacker to input an integer value leading to a crash. The highest threat from this vulnerability is to system availability. CVE-2021-43618 Affected Packages: gmp Note: This advisory is applicable to Amazon...
Important: squid
Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1...
Important: squid
Issue Overview: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a...
Low: containerd
Issue Overview: Containerd is not affected by CVE-2023-39325. While it contains the affected module, it does not use it in a way that exposes users to CVE-2023-39325. Affected Packages: containerd Issue Correction: Run yum update containerd or yum update --advisory ALAS-2023-1888 to update your...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header CVE-2023-52843 In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe CVE-2023-52846 In the Linux...
Medium: glibc
Issue Overview: The mqnotify function in the GNU C Library aka glibc has a use-after-free. It may use the notification thread attributes object passed through its struct sigevent parameter after it has been freed by the caller, leading to a denial of service application crash or possibly...