Important: docker

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 Affected Packages: docker Issue Correction: Run dnf update docker...

Medium: composer

Issue Overview: Composer is a dependency manager for PHP. Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be subject to a remote code execution vulnerability if PHP also has registerargcargv enabled in php.ini. Versions...

Medium: cups

Issue Overview: A vulnerability was found in OpenPrinting CUPS. The security flaw occurs due to failure in validating the length provided by an attacker-crafted CUPS document, possibly leading to a heap-based buffer overflow and code execution. CVE-2023-4504 Affected Packages: cups Issue...

Medium: ImageMagick

Issue Overview: 2024-06-06: CVE-2021-20309 was added to this advisory. A flaw was found in ImageMagick, where a division by zero in WaveImage of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat fr...

Medium: ImageMagick

Issue Overview: A vulnerability was found in ImageMagick where heap use-after-free was found in coders/bmp.c. CVE-2023-5341 Affected Packages: ImageMagick Issue Correction: Run yum update ImageMagick or yum update --advisory ALAS-2023-1856 to update your system. New Packages: i686: ...

Important: kernel-livepatch-6.1.29-50.88

Issue Overview: A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of...

Important: kernel-livepatch-6.1.25-37.47

Issue Overview: A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of...

Important: kernel-livepatch-6.1.38-59.109

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, fwsetparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter. I...

Important: kernel-livepatch-6.1.29-50.88

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter...

Important: kernel-livepatch-6.1.29-47.49

Issue Overview: A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of...

Important: kernel-livepatch-6.1.34-58.102

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter...

Important: kernel-livepatch-6.1.34-59.116

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter...

Important: kernel-livepatch-6.1.34-56.100

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter...

Important: kernel-livepatch-6.1.27-43.48

Issue Overview: A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of...

Medium: pki-core

Issue Overview: A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but...

Medium: java-17-amazon-corretto

Issue Overview: Memory corruption bug on JDK 21 and 20 when AVX-512 is enabled. CVE-2023-22025 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2...

Medium: ImageMagick

Issue Overview: A vulnerability was found in ImageMagick where heap use-after-free was found in coders/bmp.c. CVE-2023-5341 Affected Packages: ImageMagick Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

Medium: jbigkit

Issue Overview: A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been...

Medium: vim

Issue Overview: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. CVE-2023-5344 Affected Packages: vim Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...

Medium: ceph-common

Issue Overview: A flaw was found in rgw. This flaw allows an unprivileged user to write to any buckets accessible by a given key if a POST's form-data contains a key called 'bucket' with a value matching the bucket's name used to sign the request. This issue results in a user being able to upload...

Medium: java-1.8.0-amazon-corretto

Issue Overview: Vulnerability in Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381 and 8u381-perf. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE. Successful attacks of this...

Important: apache-ivy

Issue Overview: Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own...

Medium: libsepol

Issue Overview: The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper. CVE-2021-36084 The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from verifymappermclassperms and hashtabmap...

Important: kernel

Issue Overview: A flaw was found in rsvpchange. The root cause is an slab-out-of-bound access, but since the offset to the original pointer is an unsign int fully controlled by users, the behavior is usually a wild pointer access. CVE-2023-42755 A use-after-free vulnerability in the Linux kernel'...

Low: containerd

Issue Overview: Containerd is not affected by CVE-2023-39325. While it contains the affected module, it does not use it in a way that exposes users to CVE-2023-39325. Affected Packages: containerd Note: This advisory is applicable to Amazon Linux 2 - Nitro-enclaves Extra. Visit this page to learn...

Medium: firefox

Issue Overview: VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. CVE-2023-44488 Affected Packages: firefox Note: This advisory is applicable to Amazon Linux 2 - Firefox Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section...

Medium: squid

Issue Overview: Squid before 4.4 has XSS via a crafted X.509 certificate during HTTPS error page generation for certificate errors. CVE-2018-19131 A memory leak was discovered in the way Squid handles SNMP denied queries. A remote attacker may use this flaw to exhaust the resources on the server...

Important: oniguruma

Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in nextstateval during regular expression compilation. Octal numbers larger than 0xff are not handled correctly i...

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2; Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Easily exploitable vulnerability...

Important: docker

Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Templates did not properly consider backticks as Javascript string delimiters, and as such did not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contained a G...

Important: gstreamer1-plugins-bad-free

Issue Overview: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0006.html NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/mergerequests/5362 NOTE: Fixed by:...

Important: yum

Issue Overview: Amazon Linux customers may have experienced an issue with our repository metadata in all regions. During this time, EC2 instances accessing metadata from our repositories experienced 500 MB of increased disk usage. Affected Packages: yum Note: This advisory is applicable to Amazon...

Medium: cups

Issue Overview: A vulnerability was found in OpenPrinting CUPS. The security flaw occurs due to failure in validating the length provided by an attacker-crafted CUPS document, possibly leading to a heap-based buffer overflow and code execution. CVE-2023-4504 Affected Packages: cups Note: This...

Medium: grilo

Issue Overview: In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011. CVE-2021-39365 Affected Packages: grilo Note: This advisor...

Important: runc

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 Affected Packages: runc Note: This advisory is applicable to Amazon Linux...

Medium: sudo

Issue Overview: Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 Sudo before 1.9.13 does not escape control characters in sudoreplay output. CVE-2023-28487 Affected Packages: sudo Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit...

Medium: ghostscript

Issue Overview: A buffer overflow vulnerability in epscprintpage in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. CVE-2020-16294 A divide by zero issue discovered in epsprintpage in...

Medium: bluez

Issue Overview: An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in...

Important: grub2

Issue Overview: An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap...

Medium: libtiff

Issue Overview: There exists one heap buffer overflow in TIFFmemcpy in tifunix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file. CVE-2020-18768 A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3...

Important: kernel

Issue Overview: A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Due to a race condition between nftables netlink control plane transaction and nftset element garbage collection, it is possible to underflow...

Medium: libreswan

Issue Overview: A NULL pointer dereference vulnerability was found in the Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer...

Important: runc

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 Affected Packages: runc Note: This advisory is applicable to Amazon Linux...

Medium: thunderbird

Issue Overview: VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. CVE-2023-44488 Affected Packages: thunderbird Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...

Important: firefox

Issue Overview: Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical CVE-2023-4863 Affected Packages: firefox Note: This advisory is applicable to Amaz...

Important: libwebp12

Issue Overview: Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical CVE-2023-4863 Affected Packages: libwebp12 Note: This advisory is applicable to...

Medium: libXpm

Issue Overview: libX11: integer overflow in XCreateImage leading to a heap overflow. CVE-2023-43787 libXpm: out of bounds read in XpmCreateXpmImageFromBuffer NOTE: https://www.openwall.com/lists/oss-security/2023/10/03/1 NOTE: Fixed by:...

Medium: libX11

Issue Overview: libX11: out-of-bounds memory access in XkbReadKeySyms CVE-2023-43785 libX11: integer overflow in XCreateImage leading to a heap overflow. CVE-2023-43787 Affected Packages: libX11 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for th...

Important: thunderbird

Issue Overview: Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical CVE-2023-4863 Affected Packages: thunderbird Note: This advisory is applicable to...

Low: containerd

Issue Overview: Containerd is not affected by CVE-2023-39325. While it contains the affected module, it does not use it in a way that exposes users to CVE-2023-39325. Affected Packages: containerd Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more...