8850 matches found
Important: gstreamer1-plugins-bad-free
Issue Overview: gstreamer: AV1 codec parser heap-based buffer overflow CVE-2023-44429 gstreamer: MXF demuxer use-after-free vulnerability CVE-2023-44446 Affected Packages: gstreamer1-plugins-bad-free Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section f...
Important: squid
Issue Overview: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a...
Medium: openssl11
Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...
Medium: openssl
Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...
Medium: openssl-snapsafe
Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...
Medium: amazon-efs-utils
Issue Overview: efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to...
Important: kernel-livepatch-4.14.322-244.539
Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 Affected Packages: kernel-livepatch-4.14.322-244.539 Issue Correction: Please...
Important: microcode_ctl
Issue Overview: An issue was found in redundant REX instruction prefix values affecting third generation Intel Xeon Scalable “Icelake“ processors. The issue may allow a local third-party actor using such instructions to cause a denial of service DOS or achieve privilege escalation. CVE-2023-23583...
Medium: avahi
Issue Overview: A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the clientwork function, allowing a local attacker to trigger an infinite loop. The highest threat from this...
Important: xorg-x11-server
Issue Overview: A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration a multi-screen setup with multiple protocol screens, also known as Zaphod mode. If the pointer is warped from a screen 1 to a screen 0, a use-after-free...
Important: libtiff
Issue Overview: An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. CVE-2023-6277 Affected Packages: libtiff Note: This advisory is applicable to Amazon...
Important: compat-libtiff3
Issue Overview: An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. CVE-2023-6277 Affected Packages: compat-libtiff3 Note: This advisory is applicable to...
Important: kernel-livepatch-5.10.192-183.736
Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 A use-after-free vulnerability in the Linux kernel's netfilter: nftables compone...
Important: kernel-livepatch-5.10.192-182.736
Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 A use-after-free vulnerability in the Linux kernel's netfilter: nftables compone...
Medium: virtuoso-opensource
Issue Overview: An issue in the libcmalloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements. CVE-2023-31607 An issue in the dfeunitcolloci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Deni...
Medium: python-wheel
Issue Overview: An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. CVE-2022-40898 Affected Packages: python-wheel Note: This advisory is applicable to Amazon Linux 2 AL2...
Low: vim
Issue Overview: Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit 25aabc2b which has been included in...
Important: xorg-x11-server
Issue Overview: A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in...
Important: kernel-livepatch-4.14.322-246.539
Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 Affected Packages: kernel-livepatch-4.14.322-246.539 Issue Correction: Please...
Medium: mailman
Issue Overview: In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS. CVE-2021-43331 In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password...
Important: kernel
Issue Overview: A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. CVE-2023-3397 A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests...
Low: uriparser
Issue Overview: An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. CVE-2021-46142 Affected Packages: uriparser Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2...
Medium: jettison
Issue Overview: Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of servic...
Important: php
Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state...
Medium: net-snmp
Issue Overview: A flaw was found in net-snmp. A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access issue. CVE-2022-24805 A flaw was found in net-snmp. This issue occurs due to improper input validation when simultaneously setting malformed...
Low: advancecomp
Issue Overview: advancecomp has a segmentation fault on invalid MNG size CVE-2023-2961 Affected Packages: advancecomp Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Ru...
Medium: dovecot
Issue Overview: An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect usernamefilter and mechanism settings can be applied to passdb definitions. These incorrectly applied...
Medium: indent
Issue Overview: GNU indent 2.2.13 has a heap-based buffer overflow in searchbrace in indent.c via a crafted file. CVE-2023-40305 Affected Packages: indent Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...
Medium: python-pip
Issue Overview: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call ie "--config". Controlling the Mercurial configuration can modify how...
Low: containerd
Issue Overview: Containerd is not affected by CVE-2023-39325. While it contains the affected module, it does not use it in a way that exposes users to CVE-2023-39325. Affected Packages: containerd Issue Correction: Run yum update containerd or yum update --advisory ALAS-2023-1888 to update your...
Medium: samba
Issue Overview: When doing NTLM authentication, the client sends replies to cryptographic challenges back to the server. These replies have variable length. Winbind did not properly bounds-check the lan manager response length, which despite the lan manager version no longer being used is still...
Medium: containerd
Issue Overview: containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to...
Medium: containerd
Issue Overview: A flaw was found in containerd. Access controls for the shim API socket verified that a connecting process had an effective UID of 0, but otherwise did not restrict access to the abstract Unix domain socket. This could allow malicious containers running in the same network namespa...
Medium: containerd
Issue Overview: In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. CVE-2022-27664 Affected Packages: containerd Note: This advisory is applicable to...
Medium: containerd
Issue Overview: In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. CVE-2022-27664 Affected Packages: containerd Note: This advisory is applicable to...
Important: kernel
Issue Overview: An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kern...
Medium: containerd
Issue Overview: A flaw was found in Moby Docker Engine, where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when...
Important: kernel
Issue Overview: A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. CVE-2023-3397 An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO...
Important: kernel
Issue Overview: A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. CVE-2023-3397 In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to...
Medium: containerd
Issue Overview: The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Image Specification, the manifest and index documents were not self-describing and documents with a single digest could be interpreted as either a manife...
Medium: docker
Issue Overview: The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Image Specification, the manifest and index documents were not self-describing and documents with a single digest could be interpreted as either a manife...
Medium: containerd
Issue Overview: A flaw was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host's filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to...
Medium: containerd
Issue Overview: A bug was found in containerd where containers launched through containerd's CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on...
Important: firefox
Issue Overview: A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash. Note: This advisory was added on December 13th, 2022 after discovering it was...
Medium: re2c
Issue Overview: A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc. CVE-2022-23901 Affected Packages: re2c Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...
Important: microcode_ctl
Issue Overview: An issue was found in redundant REX instruction prefix values affecting third generation Intel Xeon Scalable “Icelake“ processors. The issue may allow a local third-party actor using such instructions to cause a denial of service DOS or achieve privilege escalation. CVE-2023-23583...
Medium: qemu
Issue Overview: A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L...
Important: nerdctl
Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 Text nodes not in the HTML namespace are incorrectly literally rendered,...
Important: xorg-x11-server
Issue Overview: A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in...
Medium: amazon-efs-utils
Issue Overview: efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to...