K000133491: Intel QATZip vulnerability CVE-2022-36369
Security Advisory Description Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2022-36369 Impact There is no impact; F5 products are not affected by this...
K000133447: Linux kernel vulnerability CVE-2022-32250
Security Advisory Description net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. CVE-2022-32250 Impact For products with None in...
K000133456: OpenJDK vulnerabilities CVE-2019-2766, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-2842
Security Advisory Description CVE-2019-2766 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows...
K000133432: Intel CPU vulnerability CVE-2022-21216
Security Advisory Description Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access. CVE-2022-21216 Impact This vulnerability...
K000133409: Log4j vulnerability CVE-2023-26464
Security Advisory Description UNSUPPORTED WHEN ASSIGNED When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted (i.e., deeply nested) hashmap or hashtable depending on which logging...
K000133402: Apache Tomcat vulnerability CVE-2023-28708
Security Advisory Description When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71 and 8.5.0 to 8.5.85 di...
K000133373: Intel SGX vulnerability CVE-2022-33196
Security Advisory Description Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2022-33196 Impact...
K000133317: Intel software vulnerability CVE-2022-21163
Security Advisory Description Improper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2022-21163 Impact There is no impact; F5 products are not affecte...
K000133135: NGINX Agent vulnerability CVE-2023-1550
Security Advisory Description NGINX Agent inserts sensitive information into a log file. CVE-2023-1550 Impact An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when the non-default trace level logging is enabled. Note :...
K000133224: Apache Tomcat vulnerability CVE-2022-42252
Security Advisory Description If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default for 8.5.x only), Tomcat did not reject a request containing an invalid...
K000133223: Samba vulnerability CVE-2022-3437
Security Advisory Description A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated...
K000132725: FasterXML vulnerability CVE-2022-42004
Security Advisory Description In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer.deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for...
K000133098: Apache vulnerability CVE-2023-25690
Security Advisory Description Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches...
K000133094: cURL vulnerability CVE-2020-8177
Security Advisory Description curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead to overwriting a local file when the -J flag is used. CVE-2020-8177 Impact The highest threat from this vulnerability is to file integrity. This may...
K000133092: cURL vulnerability CVE-2022-43552
Security Advisory Description A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET,...
K000133077: Java SE vulnerability CVE-2019-2697
Security Advisory Description Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...
K000133070: Freetype vulnerability CVE-2020-15999
Security Advisory Description Freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png. CVE-2020-15999 Impact Certain library in F5OS requires the use of the vulnerable component. However, there is no known way to exploit this vulnerability on F5OS in default, standard, or...
K000133052: Apache Commons FileUpload vulnerability CVE-2023-24998
Security Advisory Description Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new...
K000133058: device-mapper-multipath vulnerability CVE-2022-41973
Security Advisory Description multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to...
K000133041: ModSecurity vulnerability CVE-2023-24021
Security Advisory Description Incorrect handling of '\0' bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules that read the FILES_TMP_CONTENT collection. CVE-2023-24021 Impact The...
K000132965: Apache vulnerability CVE-2023-27522
Security Advisory Description HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client. CVE-2023-27522...
K000132941: OpenSSL vulnerability CVE-2023-0286
Security Advisory Description There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as...
K000132943: OpenSSL vulnerability CVE-2022-4304
Security Advisory Description A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very lar...
K000132946: OpenSSL vulnerability CVE-2023-0215
Security Advisory Description The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The...
K000132933: Linux kernel vulnerability CVE-2022-1729
Security Advisory Description A race condition was found in the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows building several exploit primitives such as kernel address information leak, arbitrary execution, etc. CVE-2022-1729...
K000132929: OpenSSH vulnerability CVE-2023-25136
Security Advisory Description OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the ss...
K000132893: GRUB2 vulnerability CVE-2022-28733
Security Advisory Description Integer underflow in grub_net_recv_ip4_packets; a maliciously crafted IP packet can lead to an integer underflow in the grub_net_recv_ip4_packets() function on the rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number whi...
K000132856: TPM 2.0 vulnerabilities CVE-2023-1017 and CVE-2023-1018
Security Advisory Description Two buffer overflow vulnerabilities were discovered in the Trusted Platform Module (TPM) 2.0 reference library specification, currently at Level 00, Revision 01.59 November 2019. An attacker who has access to a TPM-command interface can send maliciously-crafted command...
K000132686: TLS Triple Handshake Attack vulnerability
Security Advisory Description The original TLS protocol includes a weakness in master secret negotiation, potentially allowing the Triple Handshake Attack that is mitigated by the Extended Master Secret (EMS) extension defined in RFC 7627. Impact This vulnerability may allow an unauthenticated...
K000132775: DOMPDF vulnerabilities CVE-2023-23924 and CVE-2023-24813
Security Advisory Description CVE-2023-23924 Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit...
K000132690: BIND vulnerability CVE-2022-3488
Security Advisory Description Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure. 'Broken' in this context is anything that would cause the resolver to...
K000132765: OpenSSL vulnerabilities CVE-2022-4203, CVE-2023-0216, CVE-2023-0217, and CVE-2023-0401
Security Advisory Description CVE-2022-4203 A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or...
K000132764: SSL Certificates in Mozilla vulnerability CVE-2022-23491
Security Advisory Description Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being...
K000132761: CVE-2020-10754 NetworkManager
Security Advisory Description It was found that nmcli, a command line interface to NetworkManager, did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the...
K000132744: Node.js vulnerability CVE-2020-14966
Security Advisory Description An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. It allows a malleability in ECDSA signatures by not checking overflows in the length of a sequence and '0' characters appended or prepended to an integer. The modified signatures are verifie...
K000132643: Apache HTTP server vulnerability CVE-2022-36760
Security Advisory Description Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server 2.4...
K000132665: Apache HTTPD vulnerability CVE-2022-37436
Security Advisory Description Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the...
K000132703: HAProxy vulnerability CVE-2021-40346
Security Advisory Description An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. CVE-2021-40346 Impact There is no...
K34931053: OpenSMTPD vulnerability CVE-2020-7247
Security Advisory Description smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the...
K96003129: Intel CPU vulnerability CVE-2020-24489
Security Advisory Description Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2020-24489 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...
K52439336: FreeType vulnerabilities CVE-2014-9746 and CVE-2014-9747
Security Advisory Description CVE-2014-9746 The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return value...
K52521791: vCMP Cavium Nitrox SSL hardware accelerator vulnerability CVE-2018-5507
Security Advisory Description vCMP guests running on VIPRION 2100, 4200 and 4300 series blades cannot correctly decrypt ciphertext from established SSL sessions with small MTU. CVE-2018-5507 Impact BIG-IP The affected SSL connections are terminated unexpectedly. ARX / BIG-IQ / Enterprise Manager ...
K30425568: Overview of F5 vulnerabilities (October 2022)
Security Advisory Description On October 19, 2022, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associate...
K44340019: rpcbind use-after-free vulnerability CVE-2015-7236
Security Advisory Description Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code. CVE-2015-7236 Impact There is no impact; F5 products are not...
K46303125: LibTIFF vulnerability CVE-2016-3990
Security Advisory Description Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp. CVE-2016-3990 Impact There is no...
K14919: Socat vulnerabilities CVE-2010-2799, CVE-2012-0219, and CVE-2013-3571
Security Advisory Description CVE-2010-2799 Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line...
K92930514: GO vulnerability CVE-2016-5386
Security Advisory Description The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote...
K58243048: Considerations for transferring files from F5 devices
Security Advisory Description The BIG-IP system uses Secure Vault, a secure SSL-encrypted storage system, to securely store sensitive data such as SSL key passphrases, users, and administrator and services passwords. However, files transferred from an F5 device including products listed in the...
K69334442: Intel Processors RRSBA advisory CVE-2022-28693
Security Advisory Description Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2022-28693 Impact There is no impact; F5 products are not affected by this...
K72372334: FreeType vulnerability CVE-2014-9745
Security Advisory Description The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage. CVE-2014-9745 Impact A remote attacker may be...