Report Name: Linux Patch Wednesday January 2024
Generated: 2024-01-30 03:03:48

Product Name	Prevalence	U	C	H	M	L	A	Comment
Linux Kernel	0.9			5	9		14	The Linux kernel is a free and open-source, monolithic, modular, multitasking, Unix-like operating system kernel
Sudo	0.9			1			1	Sudo is a program for Unix-like computer operating systems that allows users to run programs with the security privileges of another user
Chromium	0.8				5		5	Chromium is a free and open-source web browser project, mainly developed and maintained by Google
Mozilla Firefox	0.8			1	4		5	Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation
OpenSSH	0.8			1	1		2	OpenSSH is a suite of secure networking utilities based on the Secure Shell protocol, which provides a secure channel over an unsecured network in a client–server architecture
Apache Tomcat	0.7			1	1		2	Apache Tomcat is a free and open-source implementation of the Jakarta Servlet, Jakarta Expression Language, and WebSocket technologies
QEMU	0.7			2	4		6	QEMU is a generic and open source machine & userspace emulator and virtualizer
SQLite	0.7			2			2	SQLite is a database engine written in the C programming language
Exim	0.6				1		1	Exim is a mail transfer agent (MTA) used on Unix-like operating systems
Python	0.6			1			1	Python is a high-level, general-purpose programming language
.NET	0.5					1	1	Product detected by a:microsoft:.net (exists in CPE dict)
Asterisk	0.5			1	2		3	Product detected by a:digium:asterisk (exists in CPE dict)
Go	0.5				1	1	2	Product detected by a:golang:go (exists in CPE dict)
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider	0.5			1			1	Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider
Monit	0.5				1		1	Product detected by a:tildeslash:monit (exists in CPE dict)
NET, .NET Framework, and Visual Studio	0.5			1			1	NET, .NET Framework, and Visual Studio
Osslsigncode	0.5				1		1	Product detected by a:osslsigncode_project:osslsigncode (exists in CPE dict)
PJSIP	0.5				1		1	Product detected by a:teluu:pjsip (exists in CPE dict)
Psr-7	0.5				1		1	Product detected by a:guzzlephp:psr-7 (exists in CPE dict)
Squid	0.5			2	1		3	Product detected by a:squid-cache:squid (exists in CPE dict)
TinyXML	0.5				1		1	Product detected by a:tinyxml_project:tinyxml (exists in CPE dict)
Werkzeug	0.5				1		1	Werkzeug is a comprehensive WSGI web application library
Xorg-server	0.5				1		1	Product detected by a:x.org:xorg-server (exists in CPE dict)
ansible	0.5				1		1	Product detected by a:redhat:ansible (exists in CPE dict)
ansible_automation_platform	0.5				1		1	Product detected by a:redhat:ansible_automation_platform (exists in CPE dict)
cJSON	0.5			1			1	Product detected by a:cjson_project:cjson (exists in CPE dict)
drupal	0.5				1		1	Product detected by a:drupal:drupal (exists in CPE dict)
es450	0.5				1		1	Product detected by h:sierrawireless:es450 (exists in CPE dict)
freeipa	0.5				1		1	Product detected by a:freeipa:freeipa (exists in CPE dict)
keycloak	0.5				1		1	Product detected by a:redhat:keycloak (exists in CPE dict)
libde265	0.5			3			3	Product detected by a:struktur:libde265 (exists in CPE dict)
libssh	0.5				1	1	2	Product detected by a:libssh:libssh (exists in CPE dict)
openshift_container_platform_for_arm64	0.5					1	1	Product detected by a:redhat:openshift_container_platform_for_arm64 (exists in CPE dict)
spreadsheet::parseexcel	0.5		1				1	Product detected by a:jmcnamara:spreadsheetparseexcel (does NOT exist in CPE dict)
twisted	0.5			1			1	Product detected by a:twistedmatrix:twisted (exists in CPE dict)
w3m	0.5			1			1	Product detected by a:tats:w3m (does NOT exist in CPE dict)
xerces-c\\+\\+	0.5				1		1	Product detected by a:apache:xerces-c\\+\\+ (does NOT exist in CPE dict)
Unknown Product	0					7	7	Unknown Product

Vulnerability Type	Criticality	U	C	H	M	L	A
Remote Code Execution	1.0		1		1		2
Code Injection	0.97				1		1
Command Injection	0.97			1			1
Authentication Bypass	0.95				1		1
Security Feature Bypass	0.9			6	4		10
Elevation of Privilege	0.85			4			4
Information Disclosure	0.83				1		1
Open Redirect	0.75				1		1
Denial of Service	0.7			4	9		13
Path Traversal	0.7				2		2
Incorrect Calculation	0.5			1	3		4
Memory Corruption	0.5			7	14	1	22
Unknown Vulnerability Type	0			2	7	10	19

Source	U	C	H	M	L	A
debian		1	20	38	9	68
ubuntu			16	17	9	42
redhat			9	8	8	25
oraclelinux			6	4	7	17
almalinux			6	3	2	11

Urgent (0)

Critical (1)

1. Remote Code Execution - spreadsheet::parseexcel (CVE-2023-7101) - Critical [678]

Description: Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic.

debian: CVE-2023-7101 was patched at 2023-12-30, 2023-12-31, unknown date

High (25)

2. Denial of Service - Asterisk (CVE-2023-49786) - High [589]

Description: Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1; as well as certified-asterisk prior to 18.9-cert6; Asterisk is susceptible to a DoS due to a race condition in the hello handshake phase of the DTLS protocol when handling DTLS-SRTP for media setup. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. Abuse of this vulnerability may lead to a massive Denial of Service on vulnerable Asterisk servers for calls that rely on DTLS-SRTP. Commit d7d7764cb07c8a1872804321302ef93bf62cba05 contains a fix, which is part of versions 18.20.1, 20.5.1, 21.0.1, amd 18.9-cert6.

debian: CVE-2023-49786 was patched at 2023-12-29, 2024-01-04, unknown date

3. Security Feature Bypass - Python (CVE-2023-27043) - High [570]

Description: The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.

debian: CVE-2023-27043 was patched at unknown date

redhat: CVE-2023-27043 was patched at 2024-01-15, 2024-01-25

oraclelinux: CVE-2023-27043 was patched at 2024-01-16, 2024-01-25

almalinux: CVE-2023-27043 was patched at 2024-01-15, 2024-01-25

4. Memory Corruption - SQLite (CVE-2023-7104) - High [539]

Description: A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.

debian: CVE-2023-7104 was patched at unknown date

ubuntu: CVE-2023-7104 was patched at 2024-01-03

redhat: CVE-2023-7104 was patched at 2024-01-15, 2024-01-25

oraclelinux: CVE-2023-7104 was patched at 2024-01-16, 2024-01-25

almalinux: CVE-2023-7104 was patched at 2024-01-15, 2024-01-25

5. Memory Corruption - Linux Kernel (CVE-2023-6606) - High [536]

Description: An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

debian: CVE-2023-6606 was patched at 2024-01-11, unknown date

ubuntu: CVE-2023-6606 was patched at 2024-01-25, 2024-01-26

6. Memory Corruption - libde265 (CVE-2023-49465) - High [529]

Description: Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function at motion.cc.

debian: CVE-2023-49465 was patched at 2023-12-30, unknown date

7. Memory Corruption - libde265 (CVE-2023-49467) - High [529]

Description: Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_combined_bipredictive_merging_candidates function at motion.cc.

debian: CVE-2023-49467 was patched at 2023-12-30, unknown date

8. Memory Corruption - libde265 (CVE-2023-49468) - High [529]

Description: Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc.

debian: CVE-2023-49468 was patched at 2023-12-30, unknown date

9. Security Feature Bypass - twisted (CVE-2023-46137) - High [517]

Description: Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web will process the requests asynchronously without guaranteeing the response order. If one of the endpoints is controlled by an attacker, the attacker can delay the response on purpose to manipulate the response of the second request when a victim launched two requests using HTTP pipeline. Version 23.10.0rc1 contains a patch for this issue.

debian: CVE-2023-46137 was patched at unknown date

ubuntu: CVE-2023-46137 was patched at 2024-01-10

10. Denial of Service - w3m (CVE-2023-4255) - High [494]

Description: An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.

debian: CVE-2023-4255 was patched at unknown date

ubuntu: CVE-2023-4255 was patched at 2024-01-15

11. Incorrect Calculation - QEMU (CVE-2023-42467) - High [491]

Description: QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately.

debian: CVE-2023-42467 was patched at unknown date

ubuntu: CVE-2023-42467 was patched at 2024-01-08

12. Memory Corruption - QEMU (CVE-2023-40360) - High [491]

Description: QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled.

ubuntu: CVE-2023-40360 was patched at 2024-01-08

13. Memory Corruption - cJSON (CVE-2023-50471) - High [482]

Description: cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c.

debian: CVE-2023-50471 was patched at 2023-12-30, unknown date

14. Command Injection - OpenSSH (CVE-2023-51385) - High [461]

Description: In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

debian: CVE-2023-51385 was patched at 2023-12-22, 2023-12-26, unknown date

ubuntu: CVE-2023-51385 was patched at 2024-01-03, 2024-01-11

redhat: CVE-2023-51385 was patched at 2024-01-25

15. Security Feature Bypass - Apache Tomcat (CVE-2023-46589) - High [455]

Description: Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.

debian: CVE-2023-46589 was patched at 2024-01-05, unknown date

redhat: CVE-2023-46589 was patched at 2024-01-29

16. Unknown Vulnerability Type - Mozilla Firefox (CVE-2023-6872) - High [454]

Description: {'nvd_cve_data_all': 'Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox < 121.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox < 121.', 'combined_cve_data_all': ''}

ubuntu: CVE-2023-6872 was patched at 2024-01-02

17. Denial of Service - Squid (CVE-2023-49285) - High [422]

Description: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

debian: CVE-2023-49285 was patched at 2024-01-09, unknown date

ubuntu: CVE-2023-49285 was patched at 2024-01-23

redhat: CVE-2023-49285 was patched at 2024-01-03, 2024-01-08, 2024-01-24

oraclelinux: CVE-2023-49285 was patched at 2024-01-04, 2024-01-10

almalinux: CVE-2023-49285 was patched at 2024-01-03, 2024-01-08

18. Denial of Service - Squid (CVE-2023-49286) - High [422]

Description: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

debian: CVE-2023-49286 was patched at 2024-01-09, unknown date

ubuntu: CVE-2023-49286 was patched at 2024-01-23

redhat: CVE-2023-49286 was patched at 2024-01-03, 2024-01-08, 2024-01-24

oraclelinux: CVE-2023-49286 was patched at 2024-01-04, 2024-01-10

almalinux: CVE-2023-49286 was patched at 2024-01-03, 2024-01-08

19. Security Feature Bypass - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider (CVE-2024-0056) - High [422]

Description: Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

redhat: CVE-2024-0056 was patched at 2024-01-10, 2024-01-15

oraclelinux: CVE-2024-0056 was patched at 2024-01-12, 2024-01-16, 2024-01-17

almalinux: CVE-2024-0056 was patched at 2024-01-10

20. Security Feature Bypass - NET, .NET Framework, and Visual Studio (CVE-2024-0057) - High [422]

Description: NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

ubuntu: CVE-2024-0057 was patched at 2024-01-11

redhat: CVE-2024-0057 was patched at 2024-01-10, 2024-01-15

oraclelinux: CVE-2024-0057 was patched at 2024-01-12, 2024-01-16, 2024-01-17

almalinux: CVE-2024-0057 was patched at 2024-01-10

21. Security Feature Bypass - Sudo (CVE-2022-38060) - High [417]

Description: A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges.

redhat: CVE-2022-38060 was patched at 2024-01-16

22. Unknown Vulnerability Type - SQLite (CVE-2022-46908) - High [414]

Description: {'nvd_cve_data_all': 'SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.', 'combined_cve_data_all': ''}

debian: CVE-2022-46908 was patched at unknown date

ubuntu: CVE-2022-46908 was patched at 2024-01-03

23. Elevation of Privilege - Linux Kernel (CVE-2023-6111) - High [408]

Description: A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a catchall set element many times. We recommend upgrading past commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630.

debian: CVE-2023-6111 was patched at unknown date

ubuntu: CVE-2023-6111 was patched at 2024-01-10

24. Elevation of Privilege - Linux Kernel (CVE-2023-6817) - High [408]

Description: A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free. We recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.

debian: CVE-2023-6817 was patched at 2024-01-01, 2024-01-02, 2024-01-11, unknown date

ubuntu: CVE-2023-6817 was patched at 2024-01-25, 2024-01-26

25. Elevation of Privilege - Linux Kernel (CVE-2023-6931) - High [408]

Description: A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.

debian: CVE-2023-6931 was patched at 2024-01-01, 2024-01-02, 2024-01-11, unknown date

ubuntu: CVE-2023-6931 was patched at 2024-01-25, 2024-01-26

26. Elevation of Privilege - Linux Kernel (CVE-2023-6932) - High [408]

Description: A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.

debian: CVE-2023-6932 was patched at 2024-01-02, 2024-01-11, unknown date

ubuntu: CVE-2023-6932 was patched at 2024-01-25, 2024-01-26

Medium (44)

27. Denial of Service - Squid (CVE-2023-50269) - Medium [398]

Description: Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives.

debian: CVE-2023-50269 was patched at 2024-01-09, unknown date

ubuntu: CVE-2023-50269 was patched at 2024-01-23

redhat: CVE-2023-50269 was patched at 2024-01-24

28. Security Feature Bypass - drupal (CVE-2022-24775) - Medium [386]

Description: guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values. The issue is patched in 1.8.4 and 2.1.1. There are currently no known workarounds.

debian: CVE-2022-24775 was patched at 2024-01-01, unknown date

29. Security Feature Bypass - Exim (CVE-2023-51766) - Medium [379]

Description: Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.

debian: CVE-2023-51766 was patched at 2024-01-04, 2024-01-06, unknown date

ubuntu: CVE-2023-51766 was patched at 2024-01-29

30. Memory Corruption - Chromium (CVE-2024-0225) - Medium [377]

Description: Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

debian: CVE-2024-0225 was patched at 2024-01-04, unknown date

31. Security Feature Bypass - Chromium (CVE-2024-0333) - Medium [377]

Description: Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. (Chromium security severity: High)

debian: CVE-2024-0333 was patched at 2024-01-10, unknown date

32. Security Feature Bypass - freeipa (CVE-2023-5455) - Medium [375]

Description: A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt.

debian: CVE-2023-5455 was patched at unknown date

redhat: CVE-2023-5455 was patched at 2024-01-10, 2024-01-15

oraclelinux: CVE-2023-5455 was patched at 2024-01-10, 2024-01-11, 2024-01-12

almalinux: CVE-2023-5455 was patched at 2024-01-10

33. Authentication Bypass - QEMU (CVE-2023-2861) - Medium [369]

Description: A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.

debian: CVE-2023-2861 was patched at unknown date

ubuntu: CVE-2023-2861 was patched at 2024-01-08

34. Remote Code Execution - Osslsigncode (CVE-2023-36377) - Medium [369]

Description: Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files.

debian: CVE-2023-36377 was patched at 2023-12-23, unknown date

35. Incorrect Calculation - Mozilla Firefox (CVE-2023-6866) - Medium [365]

Description: TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox < 121.

ubuntu: CVE-2023-6866 was patched at 2024-01-02

36. Memory Corruption - Chromium (CVE-2024-0222) - Medium [365]

Description: Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

debian: CVE-2024-0222 was patched at 2024-01-04, unknown date

37. Memory Corruption - Chromium (CVE-2024-0223) - Medium [365]

Description: Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

debian: CVE-2024-0223 was patched at 2024-01-04, unknown date

38. Memory Corruption - Chromium (CVE-2024-0224) - Medium [365]

Description: Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

debian: CVE-2024-0224 was patched at 2024-01-04, unknown date

39. Denial of Service - Asterisk (CVE-2023-37457) - Medium [363]

Description: Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as ceritifed-asterisk 18.9-cert5 and prior, the 'update' functionality of the PJSIP_HEADER dialplan function can exceed the available buffer space for storing the new value of a header. By doing so this can overwrite memory or cause a crash. This is not externally exploitable, unless dialplan is explicitly written to update a header based on data from an outside source. If the 'update' functionality is not used the vulnerability does not occur. A patch is available at commit a1ca0268254374b515fa5992f01340f7717113fa.

debian: CVE-2023-37457 was patched at 2023-12-29, 2024-01-04, unknown date

40. Incorrect Calculation - xerces-c\\+\\+ (CVE-2023-37536) - Medium [363]

Description: An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request.

debian: CVE-2023-37536 was patched at 2023-12-31, unknown date

ubuntu: CVE-2023-37536 was patched at 2024-01-18

41. Denial of Service - Linux Kernel (CVE-2022-36402) - Medium [358]

Description: An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).

debian: CVE-2022-36402 was patched at unknown date

redhat: CVE-2022-36402 was patched at 2024-01-10

42. Denial of Service - Linux Kernel (CVE-2023-6622) - Medium [358]

Description: A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.

debian: CVE-2023-6622 was patched at 2024-01-01, unknown date

43. Memory Corruption - Linux Kernel (CVE-2023-51780) - Medium [358]

Description: An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.

debian: CVE-2023-51780 was patched at 2024-01-01, 2024-01-02, 2024-01-11, unknown date

44. Information Disclosure - Mozilla Firefox (CVE-2023-6135) - Medium [352]

Description: Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.

debian: CVE-2023-6135 was patched at unknown date

ubuntu: CVE-2023-6135 was patched at 2024-01-02

45. Memory Corruption - Xorg-server (CVE-2023-6816) - Medium [351]

Description: A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.

debian: CVE-2023-6816 was patched at 2024-01-23, unknown date

ubuntu: CVE-2023-6816 was patched at 2024-01-16, 2024-01-22

redhat: CVE-2023-6816 was patched at 2024-01-22

oraclelinux: CVE-2023-6816 was patched at 2024-01-22

46. Memory Corruption - Linux Kernel (CVE-2023-6531) - Medium [346]

Description: A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.

debian: CVE-2023-6531 was patched at 2024-01-01, 2024-01-02, 2024-01-11, unknown date

47. Open Redirect - keycloak (CVE-2023-6927) - Medium [336]

Description: A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "form_post.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134.

redhat: CVE-2023-6927 was patched at 2024-01-09

48. Memory Corruption - Linux Kernel (CVE-2023-35827) - Medium [334]

Description: An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.

debian: CVE-2023-35827 was patched at 2024-01-02, 2024-01-11, unknown date

49. Memory Corruption - Linux Kernel (CVE-2023-51781) - Medium [334]

Description: An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition.

debian: CVE-2023-51781 was patched at 2024-01-01, 2024-01-02, 2024-01-11, unknown date

50. Memory Corruption - Linux Kernel (CVE-2023-51782) - Medium [334]

Description: An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.

debian: CVE-2023-51782 was patched at 2024-01-01, 2024-01-02, 2024-01-11, unknown date

51. Memory Corruption - Linux Kernel (CVE-2023-6121) - Medium [334]

Description: An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).

debian: CVE-2023-6121 was patched at 2024-01-02, 2024-01-11, unknown date

52. Code Injection - libssh (CVE-2023-6004) - Medium [327]

Description: A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.

debian: CVE-2023-6004 was patched at 2023-12-28, unknown date

ubuntu: CVE-2023-6004 was patched at 2024-01-22

53. Denial of Service - TinyXML (CVE-2023-34194) - Medium [327]

Description: StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace.

debian: CVE-2023-34194 was patched at 2023-12-31, unknown date

ubuntu: CVE-2023-34194 was patched at 2024-01-29

54. Denial of Service - Werkzeug (CVE-2023-46136) - Medium [327]

Description: Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal bytearray and lookup for boundary is performed on growing buffer. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. This vulnerability has been patched in version 3.0.1.

debian: CVE-2023-46136 was patched at unknown date

redhat: CVE-2023-46136 was patched at 2024-01-16

55. Memory Corruption - PJSIP (CVE-2023-38703) - Medium [327]

Description: PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not synchronized with its lower level transport that may introduce use-after-free issue. This vulnerability affects applications that have SRTP capability (`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other than UDP. This vulnerability’s impact may range from unexpected application termination to control flow hijack/memory corruption. The patch is available as a commit in the master branch.

debian: CVE-2023-38703 was patched at 2023-12-29, 2024-01-04, unknown date

56. Denial of Service - Apache Tomcat (CVE-2023-42794) - Medium [324]

Description: Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Windows if a web application opened a stream for an uploaded file but failed to close the stream. The file would never be deleted from disk creating the possibility of an eventual denial of service due to the disk being full. Users are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.

redhat: CVE-2023-42794 was patched at 2024-01-10, 2024-01-25

oraclelinux: CVE-2023-42794 was patched at 2024-01-11, 2024-01-25

almalinux: CVE-2023-42794 was patched at 2024-01-10, 2024-01-25

57. Denial of Service - QEMU (CVE-2023-3019) - Medium [324]

Description: A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.

debian: CVE-2023-3019 was patched at unknown date

redhat: CVE-2023-3019 was patched at 2024-01-10, 2024-01-25

oraclelinux: CVE-2023-3019 was patched at 2024-01-12

almalinux: CVE-2023-3019 was patched at 2024-01-10

58. Memory Corruption - Linux Kernel (CVE-2023-45863) - Medium [322]

Description: An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.

debian: CVE-2023-45863 was patched at 2024-01-02, 2024-01-11, unknown date

ubuntu: CVE-2023-45863 was patched at 2024-01-10, 2024-01-25

59. Denial of Service - es450 (CVE-2023-40462) - Medium [315]

Description: The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable.

debian: CVE-2023-40462 was patched at 2023-12-31

60. Path Traversal - Asterisk (CVE-2023-49294) - Medium [315]

Description: Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, it is possible to read any arbitrary file even when the `live_dangerously` is not enabled. This allows arbitrary files to be read. Asterisk versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, contain a fix for this issue.

debian: CVE-2023-49294 was patched at 2023-12-29, 2024-01-04, unknown date

61. Path Traversal - ansible_automation_platform (CVE-2023-5115) - Medium [315]

Description: An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.

debian: CVE-2023-5115 was patched at 2023-12-28, unknown date

62. Incorrect Calculation - QEMU (CVE-2023-5088) - Medium [289]

Description: A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead (potentially overwriting the VM's boot code). This could be used, for example, by L2 guests with a virtual disk (vdiskL2) stored on a virtual disk of an L1 (vdiskL1) hypervisor to read and/or write data to LBA 0 of vdiskL1, potentially gaining control of L1 at its next reboot.

debian: CVE-2023-5088 was patched at unknown date

ubuntu: CVE-2023-5088 was patched at 2024-01-08

63. Memory Corruption - QEMU (CVE-2023-4135) - Medium [289]

Description: A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can be disclosed.

ubuntu: CVE-2023-4135 was patched at 2024-01-08

64. Unknown Vulnerability Type - Mozilla Firefox (CVE-2023-6869) - Medium [240]

Description: {'nvd_cve_data_all': 'A `&lt;dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'A `&lt;dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121.', 'combined_cve_data_all': ''}

ubuntu: CVE-2023-6869 was patched at 2024-01-02

65. Unknown Vulnerability Type - Monit (CVE-2022-26563) - Medium [238]

Description: {'nvd_cve_data_all': 'An issue was discovered in Tildeslash Monit before 5.31.0, allows remote attackers to gain escilated privlidges due to improper PAM-authorization.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'An issue was discovered in Tildeslash Monit before 5.31.0, allows remote attackers to gain escilated privlidges due to improper PAM-authorization.', 'combined_cve_data_all': ''}

debian: CVE-2022-26563 was patched at unknown date

ubuntu: CVE-2022-26563 was patched at 2024-01-09

66. Unknown Vulnerability Type - ansible (CVE-2022-3697) - Medium [238]

Description: {'nvd_cve_data_all': 'A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.', 'combined_cve_data_all': ''}

debian: CVE-2022-3697 was patched at 2023-12-28, unknown date

67. Unknown Vulnerability Type - OpenSSH (CVE-2023-51384) - Medium [216]

Description: {'nvd_cve_data_all': 'In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.', 'combined_cve_data_all': ''}

debian: CVE-2023-51384 was patched at unknown date

ubuntu: CVE-2023-51384 was patched at 2024-01-03

68. Unknown Vulnerability Type - Mozilla Firefox (CVE-2023-6871) - Medium [204]

Description: {'nvd_cve_data_all': 'Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox < 121.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox < 121.', 'combined_cve_data_all': ''}

ubuntu: CVE-2023-6871 was patched at 2024-01-02

69. Unknown Vulnerability Type - Go (CVE-2023-45285) - Medium [202]

Description: {'nvd_cve_data_all': 'Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module proxy and are fetching modules directly (i.e. GOPROXY=off).', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module proxy and are fetching modules directly (i.e. GOPROXY=off).', 'combined_cve_data_all': ''}

debian: CVE-2023-45285 was patched at unknown date

ubuntu: CVE-2023-45285 was patched at 2024-01-11

70. Unknown Vulnerability Type - Psr-7 (CVE-2023-29197) - Medium [202]

Description: {'nvd_cve_data_all': 'guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline (\\n) into both the header names and values. While the specification states that \\r\\n\\r\\n is used to terminate the header list, many servers in the wild will also accept \\n\\n. This is a follow-up to CVE-2022-24775 where the fix was incomplete. The issue has been patched in versions 1.9.1 and 2.4.5. There are no known workarounds for this vulnerability. Users are advised to upgrade.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline (\\n) into both the header names and values. While the specification states that \\r\\n\\r\\n is used to terminate the header list, many servers in the wild will also accept \\n\\n. This is a follow-up to CVE-2022-24775 where the fix was incomplete. The issue has been patched in versions 1.9.1 and 2.4.5. There are no known workarounds for this vulnerability. Users are advised to upgrade.', 'combined_cve_data_all': ''}

debian: CVE-2023-29197 was patched at 2024-01-01, unknown date

Low (11)

71. Memory Corruption - Unknown Product (CVE-2024-0409) - Low [196]

Description: {'nvd_cve_data_all': 'A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.', 'combined_cve_data_all': ''}

debian: CVE-2024-0409 was patched at 2024-01-23, unknown date

ubuntu: CVE-2024-0409 was patched at 2024-01-16, 2024-01-22

redhat: CVE-2024-0409 was patched at 2024-01-22

oraclelinux: CVE-2024-0409 was patched at 2024-01-22

72. Unknown Vulnerability Type - .NET (CVE-2024-21319) - Low [190]

Description: {'nvd_cve_data_all': 'Microsoft Identity Denial of service vulnerability', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Microsoft Identity Denial of service vulnerability', 'combined_cve_data_all': ''}

ubuntu: CVE-2024-21319 was patched at 2024-01-11

redhat: CVE-2024-21319 was patched at 2024-01-10, 2024-01-15

oraclelinux: CVE-2024-21319 was patched at 2024-01-12, 2024-01-16, 2024-01-17

almalinux: CVE-2024-21319 was patched at 2024-01-10

73. Unknown Vulnerability Type - Go (CVE-2023-39326) - Low [166]

Description: {'nvd_cve_data_all': 'A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small.', 'combined_cve_data_all': ''}

debian: CVE-2023-39326 was patched at unknown date

ubuntu: CVE-2023-39326 was patched at 2024-01-11

74. Unknown Vulnerability Type - openshift_container_platform_for_arm64 (CVE-2023-5625) - Low [166]

Description: {'nvd_cve_data_all': 'A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products.', 'combined_cve_data_all': ''}

redhat: CVE-2023-5625 was patched at 2024-01-16

75. Unknown Vulnerability Type - libssh (CVE-2023-6918) - Low [154]

Description: {'nvd_cve_data_all': 'A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. In this case, non-matching keys will result in decryption/integrity failures, terminating the connection.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. In this case, non-matching keys will result in decryption/integrity failures, terminating the connection.', 'combined_cve_data_all': ''}

debian: CVE-2023-6918 was patched at 2023-12-28, unknown date

ubuntu: CVE-2023-6918 was patched at 2024-01-22

76. Unknown Vulnerability Type - Unknown Product (CVE-2024-0408) - Low [83]

Description: {'nvd_cve_data_all': 'A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.', 'combined_cve_data_all': ''}

debian: CVE-2024-0408 was patched at 2024-01-23, unknown date

ubuntu: CVE-2024-0408 was patched at 2024-01-16, 2024-01-22

redhat: CVE-2024-0408 was patched at 2024-01-22

oraclelinux: CVE-2024-0408 was patched at 2024-01-22

77. Unknown Vulnerability Type - Unknown Product (CVE-2023-51779) - Low [23]

Description: {'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}

debian: CVE-2023-51779 was patched at 2024-01-01, unknown date

ubuntu: CVE-2023-51779 was patched at 2024-01-25

78. Unknown Vulnerability Type - Unknown Product (CVE-2023-5388) - Low [0]

Description: {'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}

debian: CVE-2023-5388 was patched at unknown date

redhat: CVE-2023-5388 was patched at 2024-01-09, 2024-01-10

oraclelinux: CVE-2023-5388 was patched at 2024-01-10

almalinux: CVE-2023-5388 was patched at 2024-01-10

79. Unknown Vulnerability Type - Unknown Product (CVE-2024-0229) - Low [0]

Description: {'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}

debian: CVE-2024-0229 was patched at 2024-01-23, unknown date

ubuntu: CVE-2024-0229 was patched at 2024-01-16, 2024-01-22

redhat: CVE-2024-0229 was patched at 2024-01-22

oraclelinux: CVE-2024-0229 was patched at 2024-01-22

80. Unknown Vulnerability Type - Unknown Product (CVE-2024-21885) - Low [0]

Description: {'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}

debian: CVE-2024-21885 was patched at 2024-01-23, unknown date

ubuntu: CVE-2024-21885 was patched at 2024-01-16, 2024-01-22

redhat: CVE-2024-21885 was patched at 2024-01-22

oraclelinux: CVE-2024-21885 was patched at 2024-01-22

81. Unknown Vulnerability Type - Unknown Product (CVE-2024-21886) - Low [0]

Description: {'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}

debian: CVE-2024-21886 was patched at 2024-01-23, unknown date

ubuntu: CVE-2024-21886 was patched at 2024-01-16, 2024-01-22

redhat: CVE-2024-21886 was patched at 2024-01-22

oraclelinux: CVE-2024-21886 was patched at 2024-01-22

Exploitation in the wild detected (1)

Remote Code Execution (1)

• spreadsheet::parseexcel (CVE-2023-7101)

debian: CVE-2023-7101 was patched at 2023-12-30, 2023-12-31, unknown date

Public exploit exists, but exploitation in the wild is NOT detected (14)

Denial of Service (2)

• Asterisk (CVE-2023-49786)

debian: CVE-2023-49786 was patched at 2023-12-29, 2024-01-04, unknown date

• w3m (CVE-2023-4255)

debian: CVE-2023-4255 was patched at unknown date

ubuntu: CVE-2023-4255 was patched at 2024-01-15

Security Feature Bypass (2)

• Python (CVE-2023-27043)

debian: CVE-2023-27043 was patched at unknown date

redhat: CVE-2023-27043 was patched at 2024-01-15, 2024-01-25

oraclelinux: CVE-2023-27043 was patched at 2024-01-16, 2024-01-25

almalinux: CVE-2023-27043 was patched at 2024-01-15, 2024-01-25

• twisted (CVE-2023-46137)

debian: CVE-2023-46137 was patched at unknown date

ubuntu: CVE-2023-46137 was patched at 2024-01-10

Memory Corruption (7)

• SQLite (CVE-2023-7104)

debian: CVE-2023-7104 was patched at unknown date

ubuntu: CVE-2023-7104 was patched at 2024-01-03

redhat: CVE-2023-7104 was patched at 2024-01-15, 2024-01-25

oraclelinux: CVE-2023-7104 was patched at 2024-01-16, 2024-01-25

almalinux: CVE-2023-7104 was patched at 2024-01-15, 2024-01-25

• Linux Kernel (CVE-2023-6606)

debian: CVE-2023-6606 was patched at 2024-01-11, unknown date

ubuntu: CVE-2023-6606 was patched at 2024-01-25, 2024-01-26

• libde265 (CVE-2023-49465, CVE-2023-49467, CVE-2023-49468)

debian: CVE-2023-49465 was patched at 2023-12-30, unknown date

debian: CVE-2023-49467 was patched at 2023-12-30, unknown date

debian: CVE-2023-49468 was patched at 2023-12-30, unknown date

• QEMU (CVE-2023-40360)

ubuntu: CVE-2023-40360 was patched at 2024-01-08

• cJSON (CVE-2023-50471)

debian: CVE-2023-50471 was patched at 2023-12-30, unknown date

Incorrect Calculation (1)

• QEMU (CVE-2023-42467)

debian: CVE-2023-42467 was patched at unknown date

ubuntu: CVE-2023-42467 was patched at 2024-01-08

Unknown Vulnerability Type (2)

• Mozilla Firefox (CVE-2023-6872)

ubuntu: CVE-2023-6872 was patched at 2024-01-02

• SQLite (CVE-2022-46908)

debian: CVE-2022-46908 was patched at unknown date

ubuntu: CVE-2022-46908 was patched at 2024-01-03

Other Vulnerabilities (66)

Command Injection (1)

• OpenSSH (CVE-2023-51385)

debian: CVE-2023-51385 was patched at 2023-12-22, 2023-12-26, unknown date

ubuntu: CVE-2023-51385 was patched at 2024-01-03, 2024-01-11

redhat: CVE-2023-51385 was patched at 2024-01-25

Security Feature Bypass (8)

• Apache Tomcat (CVE-2023-46589)

debian: CVE-2023-46589 was patched at 2024-01-05, unknown date

redhat: CVE-2023-46589 was patched at 2024-01-29

• Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider (CVE-2024-0056)

redhat: CVE-2024-0056 was patched at 2024-01-10, 2024-01-15

oraclelinux: CVE-2024-0056 was patched at 2024-01-12, 2024-01-16, 2024-01-17

almalinux: CVE-2024-0056 was patched at 2024-01-10

• NET, .NET Framework, and Visual Studio (CVE-2024-0057)

ubuntu: CVE-2024-0057 was patched at 2024-01-11

redhat: CVE-2024-0057 was patched at 2024-01-10, 2024-01-15

oraclelinux: CVE-2024-0057 was patched at 2024-01-12, 2024-01-16, 2024-01-17

almalinux: CVE-2024-0057 was patched at 2024-01-10

• Sudo (CVE-2022-38060)

redhat: CVE-2022-38060 was patched at 2024-01-16

• drupal (CVE-2022-24775)

debian: CVE-2022-24775 was patched at 2024-01-01, unknown date

• Exim (CVE-2023-51766)

debian: CVE-2023-51766 was patched at 2024-01-04, 2024-01-06, unknown date

ubuntu: CVE-2023-51766 was patched at 2024-01-29

• Chromium (CVE-2024-0333)

debian: CVE-2024-0333 was patched at 2024-01-10, unknown date

• freeipa (CVE-2023-5455)

debian: CVE-2023-5455 was patched at unknown date

redhat: CVE-2023-5455 was patched at 2024-01-10, 2024-01-15

oraclelinux: CVE-2023-5455 was patched at 2024-01-10, 2024-01-11, 2024-01-12

almalinux: CVE-2023-5455 was patched at 2024-01-10

Denial of Service (11)

• Squid (CVE-2023-49285, CVE-2023-49286, CVE-2023-50269)

debian: CVE-2023-49285 was patched at 2024-01-09, unknown date

debian: CVE-2023-49286 was patched at 2024-01-09, unknown date

debian: CVE-2023-50269 was patched at 2024-01-09, unknown date

ubuntu: CVE-2023-49285 was patched at 2024-01-23

ubuntu: CVE-2023-49286 was patched at 2024-01-23

ubuntu: CVE-2023-50269 was patched at 2024-01-23

redhat: CVE-2023-49285 was patched at 2024-01-03, 2024-01-08, 2024-01-24

redhat: CVE-2023-49286 was patched at 2024-01-03, 2024-01-08, 2024-01-24

redhat: CVE-2023-50269 was patched at 2024-01-24

oraclelinux: CVE-2023-49285 was patched at 2024-01-04, 2024-01-10

oraclelinux: CVE-2023-49286 was patched at 2024-01-04, 2024-01-10

almalinux: CVE-2023-49285 was patched at 2024-01-03, 2024-01-08

almalinux: CVE-2023-49286 was patched at 2024-01-03, 2024-01-08

• Asterisk (CVE-2023-37457)

debian: CVE-2023-37457 was patched at 2023-12-29, 2024-01-04, unknown date

• Linux Kernel (CVE-2022-36402, CVE-2023-6622)

debian: CVE-2022-36402 was patched at unknown date

debian: CVE-2023-6622 was patched at 2024-01-01, unknown date

redhat: CVE-2022-36402 was patched at 2024-01-10

• TinyXML (CVE-2023-34194)

debian: CVE-2023-34194 was patched at 2023-12-31, unknown date

ubuntu: CVE-2023-34194 was patched at 2024-01-29

• Werkzeug (CVE-2023-46136)

debian: CVE-2023-46136 was patched at unknown date

redhat: CVE-2023-46136 was patched at 2024-01-16

• Apache Tomcat (CVE-2023-42794)

redhat: CVE-2023-42794 was patched at 2024-01-10, 2024-01-25

oraclelinux: CVE-2023-42794 was patched at 2024-01-11, 2024-01-25

almalinux: CVE-2023-42794 was patched at 2024-01-10, 2024-01-25

• QEMU (CVE-2023-3019)

debian: CVE-2023-3019 was patched at unknown date

redhat: CVE-2023-3019 was patched at 2024-01-10, 2024-01-25

oraclelinux: CVE-2023-3019 was patched at 2024-01-12

almalinux: CVE-2023-3019 was patched at 2024-01-10

• es450 (CVE-2023-40462)

debian: CVE-2023-40462 was patched at 2023-12-31

Elevation of Privilege (4)

• Linux Kernel (CVE-2023-6111, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932)

debian: CVE-2023-6111 was patched at unknown date

debian: CVE-2023-6817 was patched at 2024-01-01, 2024-01-02, 2024-01-11, unknown date

debian: CVE-2023-6931 was patched at 2024-01-01, 2024-01-02, 2024-01-11, unknown date

debian: CVE-2023-6932 was patched at 2024-01-02, 2024-01-11, unknown date

ubuntu: CVE-2023-6111 was patched at 2024-01-10

ubuntu: CVE-2023-6817 was patched at 2024-01-25, 2024-01-26

ubuntu: CVE-2023-6931 was patched at 2024-01-25, 2024-01-26

ubuntu: CVE-2023-6932 was patched at 2024-01-25, 2024-01-26

Memory Corruption (15)

• Chromium (CVE-2024-0222, CVE-2024-0223, CVE-2024-0224, CVE-2024-0225)

debian: CVE-2024-0222 was patched at 2024-01-04, unknown date

debian: CVE-2024-0223 was patched at 2024-01-04, unknown date

debian: CVE-2024-0224 was patched at 2024-01-04, unknown date

debian: CVE-2024-0225 was patched at 2024-01-04, unknown date

• Linux Kernel (CVE-2023-35827, CVE-2023-45863, CVE-2023-51780, CVE-2023-51781, CVE-2023-51782, CVE-2023-6121, CVE-2023-6531)

debian: CVE-2023-35827 was patched at 2024-01-02, 2024-01-11, unknown date

debian: CVE-2023-45863 was patched at 2024-01-02, 2024-01-11, unknown date

debian: CVE-2023-51780 was patched at 2024-01-01, 2024-01-02, 2024-01-11, unknown date

debian: CVE-2023-51781 was patched at 2024-01-01, 2024-01-02, 2024-01-11, unknown date

debian: CVE-2023-51782 was patched at 2024-01-01, 2024-01-02, 2024-01-11, unknown date

debian: CVE-2023-6121 was patched at 2024-01-02, 2024-01-11, unknown date

debian: CVE-2023-6531 was patched at 2024-01-01, 2024-01-02, 2024-01-11, unknown date

ubuntu: CVE-2023-45863 was patched at 2024-01-10, 2024-01-25

• Xorg-server (CVE-2023-6816)

debian: CVE-2023-6816 was patched at 2024-01-23, unknown date

ubuntu: CVE-2023-6816 was patched at 2024-01-16, 2024-01-22

redhat: CVE-2023-6816 was patched at 2024-01-22

oraclelinux: CVE-2023-6816 was patched at 2024-01-22

• PJSIP (CVE-2023-38703)

debian: CVE-2023-38703 was patched at 2023-12-29, 2024-01-04, unknown date

• QEMU (CVE-2023-4135)

ubuntu: CVE-2023-4135 was patched at 2024-01-08

• Unknown Product (CVE-2024-0409)

debian: CVE-2024-0409 was patched at 2024-01-23, unknown date

ubuntu: CVE-2024-0409 was patched at 2024-01-16, 2024-01-22

redhat: CVE-2024-0409 was patched at 2024-01-22

oraclelinux: CVE-2024-0409 was patched at 2024-01-22

Authentication Bypass (1)

• QEMU (CVE-2023-2861)

debian: CVE-2023-2861 was patched at unknown date

ubuntu: CVE-2023-2861 was patched at 2024-01-08

Remote Code Execution (1)

• Osslsigncode (CVE-2023-36377)

debian: CVE-2023-36377 was patched at 2023-12-23, unknown date

Incorrect Calculation (3)

• Mozilla Firefox (CVE-2023-6866)

ubuntu: CVE-2023-6866 was patched at 2024-01-02

• xerces-c\\+\\+ (CVE-2023-37536)

debian: CVE-2023-37536 was patched at 2023-12-31, unknown date

ubuntu: CVE-2023-37536 was patched at 2024-01-18

• QEMU (CVE-2023-5088)

debian: CVE-2023-5088 was patched at unknown date

ubuntu: CVE-2023-5088 was patched at 2024-01-08

Information Disclosure (1)

• Mozilla Firefox (CVE-2023-6135)

debian: CVE-2023-6135 was patched at unknown date

ubuntu: CVE-2023-6135 was patched at 2024-01-02

Open Redirect (1)

• keycloak (CVE-2023-6927)

redhat: CVE-2023-6927 was patched at 2024-01-09

Code Injection (1)

• libssh (CVE-2023-6004)

debian: CVE-2023-6004 was patched at 2023-12-28, unknown date

ubuntu: CVE-2023-6004 was patched at 2024-01-22

Path Traversal (2)

• Asterisk (CVE-2023-49294)

debian: CVE-2023-49294 was patched at 2023-12-29, 2024-01-04, unknown date

• ansible_automation_platform (CVE-2023-5115)

debian: CVE-2023-5115 was patched at 2023-12-28, unknown date

Unknown Vulnerability Type (17)

• Mozilla Firefox (CVE-2023-6869, CVE-2023-6871)

ubuntu: CVE-2023-6869 was patched at 2024-01-02

ubuntu: CVE-2023-6871 was patched at 2024-01-02

• Monit (CVE-2022-26563)

debian: CVE-2022-26563 was patched at unknown date

ubuntu: CVE-2022-26563 was patched at 2024-01-09

• ansible (CVE-2022-3697)

debian: CVE-2022-3697 was patched at 2023-12-28, unknown date

• OpenSSH (CVE-2023-51384)

debian: CVE-2023-51384 was patched at unknown date

ubuntu: CVE-2023-51384 was patched at 2024-01-03

• Go (CVE-2023-39326, CVE-2023-45285)

debian: CVE-2023-39326 was patched at unknown date

debian: CVE-2023-45285 was patched at unknown date

ubuntu: CVE-2023-39326 was patched at 2024-01-11

ubuntu: CVE-2023-45285 was patched at 2024-01-11

• Psr-7 (CVE-2023-29197)

debian: CVE-2023-29197 was patched at 2024-01-01, unknown date

• .NET (CVE-2024-21319)

ubuntu: CVE-2024-21319 was patched at 2024-01-11

redhat: CVE-2024-21319 was patched at 2024-01-10, 2024-01-15

oraclelinux: CVE-2024-21319 was patched at 2024-01-12, 2024-01-16, 2024-01-17

almalinux: CVE-2024-21319 was patched at 2024-01-10

• openshift_container_platform_for_arm64 (CVE-2023-5625)

redhat: CVE-2023-5625 was patched at 2024-01-16

• libssh (CVE-2023-6918)

debian: CVE-2023-6918 was patched at 2023-12-28, unknown date

ubuntu: CVE-2023-6918 was patched at 2024-01-22

• Unknown Product (CVE-2023-51779, CVE-2023-5388, CVE-2024-0229, CVE-2024-0408, CVE-2024-21885, CVE-2024-21886)

debian: CVE-2023-51779 was patched at 2024-01-01, unknown date

debian: CVE-2023-5388 was patched at unknown date

debian: CVE-2024-0229 was patched at 2024-01-23, unknown date

debian: CVE-2024-0408 was patched at 2024-01-23, unknown date

debian: CVE-2024-21885 was patched at 2024-01-23, unknown date

debian: CVE-2024-21886 was patched at 2024-01-23, unknown date

ubuntu: CVE-2023-51779 was patched at 2024-01-25

ubuntu: CVE-2024-0229 was patched at 2024-01-16, 2024-01-22

ubuntu: CVE-2024-0408 was patched at 2024-01-16, 2024-01-22

ubuntu: CVE-2024-21885 was patched at 2024-01-16, 2024-01-22

ubuntu: CVE-2024-21886 was patched at 2024-01-16, 2024-01-22

redhat: CVE-2023-5388 was patched at 2024-01-09, 2024-01-10

redhat: CVE-2024-0229 was patched at 2024-01-22

redhat: CVE-2024-0408 was patched at 2024-01-22

redhat: CVE-2024-21885 was patched at 2024-01-22

redhat: CVE-2024-21886 was patched at 2024-01-22

oraclelinux: CVE-2023-5388 was patched at 2024-01-10

oraclelinux: CVE-2024-0229 was patched at 2024-01-22

oraclelinux: CVE-2024-0408 was patched at 2024-01-22

oraclelinux: CVE-2024-21885 was patched at 2024-01-22

oraclelinux: CVE-2024-21886 was patched at 2024-01-22

almalinux: CVE-2023-5388 was patched at 2024-01-10