Cve 2023 51767 suse.

CVE-2023-51767. 5563. SUSE information Upstream information. 7. SUSE Linux Enterprise Server 15 SP5. Description A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. co-location in which the attacker has user privileges. Description OpenSSH through 9. SUSE Linux Enterprise Module for Server Applications 15 SP5. Secure your Linux systems from CVE-2023-38288. CVE-2023-2137 at MITRE. Secure your Linux systems from CVE-2023-38559. Patchnames: openSUSE-SLE-15. 1402. Description In Sudo before 1. Description Memory safety bugs present in Firefox 117, Firefox ESR 115. Secure your Linux systems from CVE-2023-51797. This issue is fixed in Safari 16. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. 9 and 6. 18 and prior. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. Dec 23, 2023 · CVE-2023-51767. Description Sensitive data could be exposed in logs of cloud-init before version 23. Description When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. CVE-2023-46724 at MITRE. To keep its cache database efficient, `named` running as a recursive resolver occasionally attempts to clean up the database. 8. CVE-2023-5168 at MITRE. CVE-2023-26767 at MITRE. 0 prior to 6. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the Secure your Linux systems from CVE-2023-39417. 
When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. SUSE will no longer fix all CVEs in the Linux Kernel anymore, but declare some bug classes as won't fix. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. 8, and Firefox ESR < 102. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol Upstream information. 1 Upstream information. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queued for later processing. Dec 24, 2023 · OpenSSH through 9. CVE-2023-1355 at MITRE. Jan 18, 2024 · SUSE: CVE-2023-51779: SUSE Linux Security Advisory. 18. CVE-2021-41617 at MITRE. Patchnames: SUSE-SLE-Product-HPC-15-SP1 Upstream information. cpp:1934. Free InsightVM Trial No Credit Card Necessary. This vulnerability affects Firefox < 118, Firefox ESR < 115. 137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Stay ahead of potential threats with the latest security updates from SUSE. SUSE Bugzilla entries: 1218559 [RESOLVED / FIXED], 1218610 [NEW], 1220015 [NEW], 1220191 [NEW], 1221578 [NEW], 1221598 [NEW] Description. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. CVE-2023-39198 at MITRE. 10. CVE-2023-6356 at MITRE. Impact is low, user interaction is required and a crash may not even happen in all situations. 2, gdevijs. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty. 0. Secure your Linux systems from CVE-2023-35945. 
6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. 4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. 3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. This vulnerability affects Firefox < 110, Thunderbird < 102. Description Buffer Overflow vulnerability in Vorbis-tools v. 1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. Description Squid is a caching proxy for the Web. MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. Description In the Linux kernel through 6. 5-2023-3018 Description. Patchnames: SUSE-SLE-Module-Basesystem-15-SP4-2023-4227 SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-4227: SUSE Linux Enterprise Desktop 15 SP5 SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP5: libvmtools-devel >= 12. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. CVE-2023-51764 at MITRE. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. A remote code execution vulnerability was found in Shim. CVE-2023-1786 at MITRE. 07. 
While the total number of requests is bounded by the http2. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. 1 and iPadOS 16. 1, iOS 15. . NOTE: this is applicable to a certain threat model of attacker-victim co-location in Upstream information. Description A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found. CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. CVE-2023-28322 at MITRE. 1 through 5. 64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker Description. CVE-2023-51765 at MITRE. SUSE Linux Enterprise Server for SAP Applications 15 SP5. CVE-2023-52160 at MITRE. This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params (), leading to a possible kernel crash and denial of service. 1-2023-4527. This vulnerability has been addressed in commit `73b2d379` which has been included in release Secure your Linux systems from CVE-2023-0464. CVE-2023-38408 at MITRE. 11-S1 through 9. 22 recognizes "e-Tugra" root certificates. Description Buffer Overflow vulnerability found in Liblouis v. Nov 1, 2023 · Upstream information. TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. Due to an Improper Validation of Specified Index bug, Squid versions 3. 9. 5 padding. A sub-feature of this are Shadow Stacks (CET-SS). A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group (). 
Debian's cpio contains a path traversal vulnerability. Patchnames: SUSE-SLE-Product-SLES_SAP Description. 11. Server. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be Upstream information. CVE-2023-52670 at MITRE. A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. cve-2023-1220 at mitre Description Heap buffer overflow in UMA in Google Chrome prior to 111. 1, 3. Patchnames: SUSE-SLE-Product-HPC-15-SP1 Name. SUSE Linux Enterprise Server for SAP Applications 15 SP4. 3. 2024 Attack Intel Report Latest research by cve-2023-51767 at mitre Description OpenSSH through 9. Upstream has since provided a proper fix to --no-absolute-filenames. An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. 9, and 6. Likewise, applications that use DH_check_pub_key (), DH_check_pub_key_ex () or EVP_PKEY cve-2023-51775 at mitre Description The jose4j component before 0. Description sendmail through 8. In the Linux kernel, the following vulnerability has been resolved: drivers: perf: Check find_first_bit () return value We must check the return value of find_first_bit () before using the return value as an index array since it happens to overflow the array and then panic: [ 107. SUSE Linux Enterprise Module for Development Tools 15 SP4. CVE-2023-20592 at MITRE. 0 through 9. 5, iOS 16. 272s) hex dump Upstream information. When enabled, traditional stacks holding both data and return addresses are accompanied by so called Feb 7, 2024 · Description. Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. 
This issue was introduced by reverting CVE-2015-1197 patches which had caused a regression in --no-absolute-filenames. 319434] CPU: 3 PID CVE-2023-3180: virtio-crypto: verify src and dst buffer length for sym request (bsc#1213925) CVE-2023-3354: io: remove io watch if TLS channel is closed during handshake (bsc#1212850) [openSUSE] roms/ipxe: Backport 0aa2e4ec9635, in preparation of binutils 2. Certifi prior to version 2023. 12. 42 DH key may experience long delays. Client does not forward sensitive headers such as "Authorization" or "Cookie". Description A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect <domain>;` is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. Description In the Linux kernel, the following vulnerability has been resolved: rpmsg: virtio: Free driver_override when rpmsg_remove() Free driver_override when rpmsg_remove(), otherwise the following memory leak will occur: unreferenced object 0xffff0000d55d7080 (size 128): comm "kworker/u8:2", pid 56, jiffies 4294893188 (age 214. CVE-2023-1670 at MITRE. x through 6. An issue was found in the CPython `tempfile. CVE-2023-52475 at MITRE. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data. CVE-2023-43361 at MITRE. 2 allows SMTP smuggling in certain configurations. CVE-2024-1553 at MITRE. Patchnames: SUSE-SLE-Product-HPC-15-SP1 SUSE-Storage-7. Secure your Linux systems from CVE-2023-50761. Description An information disclosure vulnerability exists in curl <v8. 4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value. Jun 30, 2024 · CVE-2023-51767. NOTE: this is applicable to a certain threat model of attacker-victim. This bug is fixed by Squid version 6. x before 6. 
SUSE Bugzilla entries: 1216584 [RESOLVED / FIXED], 1216644 [NEW], 1217557 [NEW], 1219697 [NEW], 1220191 [NEW] Description. c has a use-after-free because of a rose_accept race condition. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. Note from the SUSE Security Team on the kernel-default package. 17. Recent x86 CPUs offer functionality named Control-flow Enforcement Technology (CET). CVE-2023-51782 at MITRE. 318430] Kernel BUG [#1] [ 107. eventlet before 0. 2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files. 2024 Attack Intel Report Latest research by Rapid7 Labs. Description Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity. Vim is an open source command line text editor. A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. CVE-2023-37369 at MITRE. This issue affects BIND 9 versions 9. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges. librabbitmq-devel >= 0. Description In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete syzbot has found a use-after-free bug [1] in the powermate driver. Description. Secure your Linux systems from CVE-2023-31484. A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. 41 (bsc#1215311) Upstream information. Description A out-of-bounds write flaw was found in the xorg-x11-server. 
5-2023-4370 Secure your Linux systems from CVE-2023-27561. Description Heap buffer overflow in sqlite in Google Chrome prior to 112. 5615. Description A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1. SUSE Linux Enterprise Server 15 SP4. CVE-2023-40551 at MITRE. Secure your Linux systems from CVE-2023-20900. 12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. 2. Impact summary: Applications that use the functions DH_generate_key () to generate an X9. Description A use after free issue was addressed with improved memory management. CVE-2023-51767 at MITRE. Dec 24, 2023 · SUSE: CVE-2023-51764: SUSE Linux Security Advisory Free InsightVM Trial No Credit Card Necessary. Oct 11, 2023 · Secure your Linux systems from CVE-2023-38546. TemporaryDirectory` class affecting versions 3. c, allowing for possible escalation of privileges or Upstream information. CVE-2023-22809 at MITRE. 15, 6. CVE-2023-52787 at MITRE. Products under Long Term Service Pack support and receiving important and critical security fixes. 5 and iPadOS 15. x before 8. 42 DH keys or checking excessively long X9. Secure your Linux systems from CVE-2023-4733. Description The implementation of PEAP in wpa_supplicant through 2. Description sshd in OpenSSH 6. Issue summary: Generating excessively long X9. Description Postfix through 3. SUSE Timeline for this CVE CVE page 3 days ago · Upstream information. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. CVE-2023-32233 at MITRE. Users are advised to upgrade. Description The PKCS#11 feature in ssh-agent in OpenSSH before 9. 10 allows authentication bypass. 
0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc. 1, macOS Ventura 13. Description A flaw was found in the MZ binary format in Shim. Description An issue was discovered in the Linux kernel before 6. 18, and 3. 0-150300. Dec 24, 2023 · cve-2023-51767 High severity Unreviewed Published Dec 24, 2023 to the GitHub Advisory Database • Updated Mar 7, 2024 Package SUSE will no longer fix all CVEs in the Linux Kernel anymore, but declare some bug classes as won't fix. 0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. 2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. CVE-2023-38545 at MITRE. 3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. 35. 15. Secure your Linux systems from CVE-2023-1077. SUSE Timeline for this CVE CVE page Upstream information. 0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. Upstream information. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Secure your Linux systems from CVE-2023-27561. Products under general support and receiving all security fixes. Please refer to TID 21496 for more details. 4-2023-3507 SUSE-SLE-Module-Server-Applications-15-SP4-2023-2823. bit. 4-2023-1703 Jul 20, 2023 · Upstream information. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase. CVE-2023-28205 at MITRE. 18-S1. Description Qt before 6. 
CVE-2023-39070 at MITRE. 1. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service. A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. SUSE Linux Enterprise High Performance Computing 15 SP5. An attacker could use this information to find hashed passwords and possibly escalate their privilege. Thus we may not provide security support for this package if doing so would prevent access to Upstream information. Description An issue in Cppcheck 2. 42 DH keys or parameters may be very slow. Description In Qt before 5. When using the z= command, the user may overflow the count with values larger than MAX_INT. Secure your Linux systems from CVE-2023-39321. CVE-2023-24607 at MITRE. 01. Description A race condition was found in the QXL driver in the Linux kernel. A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. 3, and Thunderbird < 115. Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Back to Search. CVE-2023-5517 at MITRE. Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. 4. Jul 13, 2023 · Secure your Linux systems from CVE-2023-38197. SUSE Manager Proxy 4. 43. A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). Description A flaw was found in the Linux kernel's NVMe driver. When enabled, traditional stacks holding both data and return addresses are accompanied by so called Description. CVE-2023-5981 at MITRE. Description NULL Pointer Dereference in GitHub repository vim/vim prior to 9. 
Certifi 2023. openssh-ssh1 is provided for compatibility with old devices that cannot be upgraded to modern protocols. Description This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. In Artifex Ghostscript through 10. 12 dev allows a local attacker to execute arbitrary code via the removeContradiction parameter in token. 18 and 9. Description Memory safety bugs present in Firefox 122, Firefox ESR 115. The tempfile. 22 removes root certificates from "e-Tugra" from the root store. Dec 24, 2023 · CVE-2023-51767 Detail Description OpenSSH through 9. SUSE Linux Enterprise Desktop 15 SP4. 7, and Thunderbird 115. A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. OpenSSH through 9. 7, 3. CVE-2023-45289 at MITRE. Products past their end of life and not receiving proactive updates anymore. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. SUSE Linux Enterprise High Performance Computing 15 SP4. 24. 5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). 13, 3. 6. 5. c and in RRChangeOutputProperty function in randr/rrproperty. CVE-2023-5176 at MITRE. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm Upstream information. SUSE product lifecycles are documented on the lifecycle page . 2 through 8. CVE-2023-5367 at MITRE. c endpoint. 2, and Thunderbird 115. During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. rose_ioctl in net/rose/af_rose. Secure your Linux systems from CVE-2023-45283. 
Description In the Linux kernel, the following vulnerability has been resolved: blk-mq: make sure active queue usage is held for bio_integrity_prep() blk_integrity_unregister() can come if queue usage counter isn't held for one bio with integrity prepared, so this request may be completed with calling profile->complete_fn, then kernel panic. 2, as used in dnspython before 2. 8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected.