Suse cve 2023 51767. Description An integer overflow in xerces-c++ 3.
Description Use After Free in GitHub repository vim/vim prior to v9. Description Use after free in Blink History in Google Chrome prior to 118. CVE-2023-51782 at MITRE. CVE-2023-52707 at MITRE. 132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. PCI audit: OpenSSH authentication bypass vulnerability (CVE-2023-51767) Today, I ran a Qualys PCI audit on one of my servers. CVE-2023-52323: Fixed side-channel leakage in RSA decryption by using constant-time (faster) padding decoding for OAEP (bsc#1218564). cve-2023-5186 at mitre Description Use after free in Passwords in Google Chrome prior to 117. Description Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity. Description In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: use vmm_table as array in wilc struct Enabling KASAN and running some iperf tests raises some memory issues with vmm_table: BUG: KASAN: slab-out-of-bounds in wilc_wlan_handle_txq+0x6ac/0xdb4 Write of size 4 at addr c3a61540 by task wlan0-tx/95 KASAN Description. CVE-2023-7216 at MITRE. The CVE-2023-51767 vulnerability affects users of OpenSSH up to and including version 9. A sub-feature of this are Shadow Stacks (CET-SS). Overall state of this security issue: Analysis. In the Linux kernel, the following vulnerability has been resolved: drivers: perf: Check find_first_bit () return value We must check the return value of find_first_bit () before using the return value as an index array since it happens to overflow the array and then panic: [ 107. 9. Description Inappropriate implementation in Installer in Google Chrome prior to 118. 2010. SUSE. CVE-2023-52467 at MITRE. 
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. SUSE Timeline for this CVE CVE page This issue is fixed in iOS 17. By conducting a row hammer attack against the mm_answer_authpassword integer value to flip a single bit, an attacker could exploit this vulnerability to bypass authentication and obtain administrative access. cve-2023-6345 at mitre Description Integer overflow in Skia in Google Chrome prior to 119. Security Advisory Description. 4-150500. CVE-2023-4863 at MITRE. 97. 1 Secure your Linux systems from CVE-2023-51797. CVE-2023-39070 at MITRE. appxbundle files, which can run commands on a user's computer. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGI_BEGIN_REQUEST record. CVE-2023-51764 at MITRE. 02. Description Vim is an open source command line text editor. A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. 5 has a use-after-free that can only occur after a certain memory allocation fails. 2 before 2. Dec 24, 2023 · SUSE: CVE-2023-51764: SUSE Linux Security Advisory Free InsightVM Trial No Credit Card Necessary. cpp:1934. Description In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock (VFS lock), it only locks a file range in the inode's io tree. Description A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. 12 dev allows a local attacker to execute arbitrary code via the removeContradiction parameter in token. This issue is fixed in Safari 16. National Vulnerability Database. Dec 24, 2023 · CVE-2023-51767. CVE-2023-52757 at MITRE. The vulnerability is Secure your Linux systems from CVE-2023-1077. CVE-2023-5168 at MITRE. CVE-2023-52867 at MITRE. 0. 
Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. 8. CVE-2023-50761 at MITRE. Alternatively you can run the command listed for your product: Description. 2, Safari 17. Description The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. Secure your Linux systems from CVE-2023-42465. CVE-2023-51765 at MITRE. 17. Description. CVE-2023-51775 at MITRE. CVE-2023-52475 at MITRE. 6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. Mitigations and patches may be available, but downstream impacts to third-party vendors Description. Dec 23, 2023 · The vulnerability CVE-2023-51767 in OpenSSH through 9. 6 allows for row hammer attacks, potentially leading to authentication bypass. 319434] CPU: 3 PID Upstream information. Description sendmail through 8. 70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Overall state of this security issue: Resolved Description. 5993. Description: OpenSSH through 9. Published: 24 December 2023. When enabled, traditional stacks holding both data and return addresses are accompanied by so called Upstream information. CVE-2023-2137 at MITRE. 7 before 2. NOTE: this is applicable to a certain threat model of attacker-victim co-location in Feb 17, 2024 · K000138643: OpenSSH vulnerability CVE-2023-51767. SUSE Linux Enterprise Module for Server Applications 15 SP6. 4. CVE-2023-43361 at MITRE. c has a use-after-free because of a rose_accept race condition. Base Score. 5 before 2. 5938. Impact is low, user interaction is required and a crash may not even happen in all situations. frr >= 8. 11. 6045. 
Description A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1. 6. 21, 2. Sensitive data may be disclosed to configured FastCGI backends in an Apr 19, 2023 · Note from the SUSE Security Team on the kernel-default package. A remote code execution vulnerability was found in Shim. Description A use after free issue was addressed with improved memory management. 4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap. CVE-2023-45289 at MITRE. This issue is currently rated as having moderate severity. Description In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root cgroup gets removed when there is a thread that registered trigger and is polling on a pressure file within the cgroup, the polling waitqueue gets freed in the following path: do_rmdir cgroup_rmdir Upstream information. Description In the Linux kernel, the following vulnerability has been resolved: drm/radeon: possible buffer overflow Buffer 'afmt_status' of size 6 could overflow, since index 'afmt_idx' is checked after access. Description Postfix through 3. Description NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. Description An issue was discovered in the Linux kernel before 6. 5 padding. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. Dec 24, 2023 · CVE-2023-51767 Detail Description OpenSSH through 9. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data. Description OpenSSH through 9. Jul 13, 2023 · Secure your Linux systems from CVE-2023-38197. 
This high-severity issue allows attackers to bypass authentication through row hammer attacks, which exploit the integer value of authenticated in the mm_answer_authpassword function. 8, 2. Jan 25, 2024 · This advisory should be considered the single source of current, up-to-date, authorized and accurate information from NetApp regarding Full Support products and versions. CVE-2023-3966 at MITRE. CVE-2023-51766 at MITRE. rose_ioctl in net/rose/af_rose. appx, and . 137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. This issue may allow an authenticated client to cause a denial of service. Description A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect <domain>;` is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. SUSE information Upstream information. CVE-2023-20592 at MITRE. 1. SUSE Linux Enterprise Server for SAP Applications 15 SP6. Patchnames: SUSE-SLE-Product-HPC-15-SP1 An information leak vulnerability was discovered in HAProxy 2. SUSE Bugzilla entries: 1210629 [RESOLVED / FIXED], 1210630 [NEW], 1213842 [NEW] Upstream information. 2, and Thunderbird 115. At https://ubuntu Dec 24, 2023 · CVE-2023-51767 : OpenSSH through 9. This critical vulnerability has a high impact on security, with the potential for exploitation in the wild by threat actors. During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. msix, . CVE-2023-38546 at MITRE. Description An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10. This issue affects glibc 2. 
Description In the Linux kernel, the following vulnerability has been resolved: blk-mq: make sure active queue usage is held for bio_integrity_prep() blk_integrity_unregister() can come if queue usage counter isn't held for one bio with integrity prepared, so this request may be completed with calling profile->complete_fn, then kernel panic. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. 5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). 1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. SUSE Timeline for this CVE CVE page Upstream information. 5735. 37 and newer. 7. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service. Some mod_proxy configurations on Apache HTTP Server versions 2. Description In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when releasing mids All release_mid() callers seem to hold a reference of @mid so there is no need to call kref_put(&mid->refcount, __release_mid) under @server->mid_lock spinlock. Note from the SUSE Security Team on the kernel-default package. Description The jose4j component before 0. Upstream information. It listed a number of vulnerabilities, but many of them were triggered by simple version checks, so I consider them "false positives". Client does not forward sensitive headers such as "Authorization" or "Cookie". Secure your Linux systems from CVE-2023-38473. CVE-2023-5517 at MITRE. CVE-2023-6867 at MITRE. CVE-2023-38408 at MITRE. CVE-2023-45322 at MITRE. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16. Published Date: Feb 17, 2024 Updated Date: Feb 17, 2024. 
199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and This function is called by the syslog and vsyslog functions. 1, iOS 15. 6. Secure your Linux systems from CVE-2023-4733. Note: This vulnerability can be exploited by using APIs in the specified Component, e. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. CVE-2023-5727 at MITRE. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker Patchnames: SUSE-SLE-Module-Server-Applications-15-SP5-2023-4473. 3, and Thunderbird < 115. Dec 24, 2023 · Vulnerability CVE-2023-51767. Stay ahead of potential threats with the latest security updates from SUSE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. 1367. 5 and iPadOS 15. CVE-2023-5176 at MITRE. CVE-2023-48237 at MITRE. SUSE information. Description A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt () API. 0-150300. NOTE: this is applicable to a certain threat model of SUSE information. 3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request. 1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb. Description Memory safety bugs present in Firefox 117, Firefox ESR 115. 5615. 
It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queued for later processing. Overall state of this security issue: Resolved Note from the SUSE Security Team on the kernel-default package. Description Divide By Zero in GitHub repository vim/vim prior to 9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. CVE-2023-5476 at MITRE. 3. Description In Sudo before 1. 2. CVE-2023-52787 at MITRE. Vim is an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAX_INT. 0 Information. CVE-2023-28205 at MITRE. SUSE will no longer fix all CVEs in the Linux Kernel anymore, but declare some bug classes as won't fix. cve-2023-48161 at mitre Description Buffer Overflow vulnerability in GifLib Project GifLib v. AI Recommended Content. To keep its cache database efficient, `named` running as a recursive resolver occasionally attempts to clean up the database. CVEs: CVE-2023-51767. 1, 2. CVE-2023-1667 at MITRE. Description An issue in Cppcheck 2. 8, and Firefox ESR < 102. 5. Description A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. Description An integer overflow in xerces-c++ 3. CVE-2023-52737 at MITRE. 4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value. , through a web service which supplies data to the APIs. 0 allows remote attackers to crash the application via a dangling pointer. CVE-2023-1127 at MITRE. 133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Description Heap buffer overflow in libwebp in Google Chrome prior to 116. 
NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges. msixbundle, . Description The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. Jul 20, 2023 · Upstream information. CVE-2023-3215 at MITRE. CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. Description ** DISPUTED ** libxml2 through 2. SUSE Bugzilla entry: 1216051 [IN_PROGRESS] Secure your Linux systems from CVE-2023-36054. Description Heap buffer overflow in sqlite in Google Chrome prior to 112. c Dec 19, 2023 · Upstream information. OpenSSH through 9. 2024 Attack Intel Report Latest research by Oct 6, 2023 · Upstream information. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. 3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. CVE-2023-20521 at MITRE. 6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm Description. CVE-2023-5981 at MITRE. A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. 11, 2. 1 and iPadOS 16. c. Description Exim before 4. CVE-2023-5535 at MITRE. CVE-2023-51767 at MITRE. Secure your Linux systems from CVE-2023-51779. Advisory ID: NTAP-20240125-0006 Version: 5. SUSE Linux Enterprise Server 15 SP6. 6, particularly when common types of DRAM are used. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. CVE-2023-46751 at MITRE. CVE-2023-22809 at MITRE. 
Description Buffer Overflow vulnerability in Vorbis-tools v. 12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for Dec 27, 2023 · OpenSSH could allow a local authenticated attacker to bypass security restrictions, caused by improper authentication. 5, iOS 16. Description When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http. 27, 2. Description The PKCS#11 feature in ssh-agent in OpenSSH before 9. 0 Last updated: 06/10/2024 Status: Interim. An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker Dec 24, 2023 · CVE-2023-51767. . Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Jun 16, 2024 · Upstream information. CVE-2023-51767. This vulnerability affects Firefox < 118, Firefox ESR < 115. 4 before 2. 187 and libwebp 1. 6 before 2. 1, macOS Ventura 13. 2, macOS Sonoma 14. Description ncurses 6. CVE-2023-37536 at MITRE. 2 allows SMTP smuggling in certain configurations. 3, 2. But one of the vulnerabilities is the OpenSSH authentication bypass vulnerability (CVE-2023-51767). 43. Evaluated products: Security Advisory Description. 2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. Published: 2023-12-24. 55 allow a HTTP Request Smuggling attack. 
Patchnames: SUSE-SLE-Module-Basesystem-15-SP4-2023-4227 SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-4227: SUSE Linux Enterprise Desktop 15 SP5 SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP5: libvmtools-devel >= 12. 70 allowed a local attacker to bypass discretionary access control via a crafted command. 2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files. NOTE: this is applicable to a certain threat model of attacker-victim co Secure your Linux systems from CVE-2023-20900. CVSS v3 Scores. Description This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. 318430] Kernel BUG [#1] [ 107. 5845. g. This vulnerability affects Firefox < 110, Thunderbird < 102. Name. The DNS message parsing code in `named` includes a section whose computational complexity is overly high. 0 through 2. CVE-2023-52768 at MITRE. First, it assumes that just because the sibling base device has been registered that means that it is also bound to a driver, which may not be the Secure your Linux systems from CVE-2023-51794. CVSS 3. 2 and iPadOS 17. SUSE Bugzilla entries: 1216584 [RESOLVED / FIXED], 1216644 [NEW], 1217557 [NEW], 1219697 [NEW], 1220191 [NEW] Upstream information. Recent x86 CPUs offer functionality named Control-flow Enforcement Technology (CET). A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. Oct 11, 2023 · Upstream information. CVE-2023-5477 at MITRE. CVE-2023-45918 at MITRE. This vulnerability has been addressed in commit `73b2d379` which has been included in release Feb 17, 2024 · K000138643 : OpenSSH vulnerability CVE-2023-51767. 
Description A path traversal vulnerability was found in the CPIO utility. Description Use after free in WebRTC in Google Chrome prior to 114. Processing web content may lead to arbitrary code execution. Description In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete syzbot has found a use-after-free bug [1] in the powermate driver. In the Linux kernel, the following vulnerability has been resolved: mfd: qcom-spmi-pmic: Fix revid implementation The Qualcomm SPMI PMIC revid implementation is broken in multiple ways. Description The executable file warning was not presented when downloading . CVE-2023-5441 at MITRE. NOTE: this is applicable to a certain Upstream information. 9. Description In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in of_syscon_register() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. SUSE Linux Enterprise High Performance Computing 15 SP6. Description TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service. Please refer to TID 21496 for more details. In affected versions when shifting lines in operator pending mode and using a very large value, it may be possible to overflow the size of integer. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected `named` instance by exploiting this flaw.