INFOSEC – Basic

[Linux Security]

OS: CentOS

CentOS: CESA-2022-8640: Important CentOS 7 krb5

Upstream details at : https://access.redhat.com/errata/RHSA-2022:8640

CentOS: CESA-2022-8560: Important CentOS 7 hsqldb

Upstream details at : https://access.redhat.com/errata/RHSA-2022:8560

CentOS: CESA-2022-8491: Important CentOS 7 xorg-x11-server

Upstream details at : https://access.redhat.com/errata/RHSA-2022:8491

CentOS: CESA-2022-7186: Important CentOS 7 device-mapper-multipath

Upstream details at : https://access.redhat.com/errata/RHSA-2022:7186

NIST Vulnerability Database

CVE-2022-42416
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18673.

CVE-2022-42418
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18677.

CVE-2022-42414
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18326.

CVE-2022-42415
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. Crafted data in a JP2 file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18366.

OS: Fedora

Fedora 36: libXpm 2023-49dbeb6b03

libXpm 3.5.15, fixes CVE-2022-46285, CVE-2022-44617, CVE-2022-4883

Fedora 37: redis 2023-fbfe7a6cfe

**Redis 7.0.8** Released Mon Jan 16 12:00:00 IDT 2023 Security Fixes: * (**CVE-2022-35977**) Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands can drive Redis to OOM panic * (**CVE-2023-22458**) Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER commands can lead to denial-of- service Bug Fixes * Avoid possible hang when client issues long KEYS,

Fedora 36: nautilus 2023-f81ad89b81

Update to 42.6

Fedora 37: kernel 2023-0597579983

The 6.1.7 stable kernel update contains a number of important fixes across the tree.

OS: Debian

Debian: DSA-5329-1: bind9 security update

Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in denial of service against named. For the stable distribution (bullseye), these problems have been fixed in

Debian: DSA-5328-1: chromium security update

Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian: DSA-5327-1: swift security update

Sebastien Meriot discovered that the S3 API of Swift, a distributed virtual object store, was susceptible to information disclosure. For the stable distribution (bullseye), this problem has been fixed in

Debian: DSA-5326-1: nodejs security update

Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of host IP address validation and weak randomness setup.

OS: Scientific

SciLinux: SLSA-2023-0402-1 Moderate: bind on SL7.x x86_64

bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220) * bind: processing large delegations may severely degrade resolver performance (CVE-2022-2795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo [More...]

SciLinux: SLSA-2023-0399-1 Important: kernel on SL7.x x86_64

kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964) * hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Prevent unnecessary resets - Avoid leaving shost->last_reset with stal [More...]

SciLinux: SLSA-2023-0403-1 Important: sssd on SL7.x x86_64

sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters (CVE-2022-4254) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * smartcards: special characters must be escaped when building search filter SL7 x86_64 libipa_hbac-1.16.5-10.el7_9.15.i686.rpm l [More...]

SciLinux: SLSA-2023-0203-1 Moderate: java-1.8.0-openjdk on SL7.x x86_64

OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2 [More...]

OS: Gentoo

Gentoo: GLSA-202301-09: protobuf-java: Denial of Service

A vulnerability has been discovered in protobuf-java which could result in denial of service.

Gentoo: GLSA-202301-07: Alpine: Multiple Vulnerabilities

Multiple vulnerabilities have been found in Alpine, the worst of which could result in denial of service.

Gentoo: GLSA-202301-06: liblouis: Multiple Vulnerabilities

Multiple vulnerabilities have been discovered in liblouis, the worst of which could result in denial of service.

Gentoo: GLSA-202301-05: Apache Commons Text: Arbitrary Code Execution

A vulnerability has been discovered in Apache Commons Text which could result in arbitrary code execution.

OS: Redhat

RedHat: RHSA-2023-0470:01 Important: Migration Toolkit for Runtimes

An update is now available for Migration Toolkit for Runtimes (v1.0.1). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which

RedHat: RHSA-2023-0469:01 Moderate: Red Hat Integration Camel Extensions

Red Hat Integration Camel Extensions for Quarkus 2.13.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of

RedHat: RHSA-2023-0471:01 Important: Migration Toolkit for Runtimes

RedHat: RHSA-2023-0466:01 Important: Red Hat OpenShift GitOps security

An update is now available for Red Hat OpenShift GitOps 1.6.4 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

OS: Mageia

Mageia 2023-0025: sudo security update

In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because

Mageia 2023-0024: virtualbox security update

Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. (CVE-2023-21884) Unauthenticated attacker with network access via multiple protocols to

Mageia 2023-0023: jpegoptim security update

JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c. (CVE-2022-32325) References: - https://bugs.mageia.org/show_bug.cgi?id=31424

Mageia 2023-0022: phoronix-test-suite security update

XSS in phoromatic_r_add_test_details.php (CVE-2022-40704) References: - https://bugs.mageia.org/show_bug.cgi?id=31423 - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ETFF53AECMDP6PTNUVVCOODN3HMOETUU/

NIST Vulnerability Database

OS: Arch

ArchLinux: 202210-4: linux-zen: multiple issues

The package linux-zen before version 6.0.1.zen2-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.

ArchLinux: 202210-3: linux-lts: multiple issues

The package linux-lts before version 5.15.73-3 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.

ArchLinux: 202210-2: linux: multiple issues

The package linux before version 6.0.1.arch2-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.

ArchLinux: 202210-1: linux-hardened: multiple issues

The package linux-hardened before version 5.19.15.hardened2-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.

OS: Debian LTS

Debian LTS: DLA-3283-1: modsecurity-apache security update

Multiple issues were found in modsecurity-apache, open source, cross platform web application firewall (WAF) engine for Apache which allows remote attackers to bypass the applications firewall and other unspecified impact.

Debian LTS: DLA-3282-1: git security update

Two vulnerabilities were discovered in Git, a distributed revision control system. An attacker may trigger code execution in specific situations.

Debian LTS: DLA-3281-1: swift security update

Sebastien Meriot discovered that the S3 API of Swift, a distributed virtual object store, was susceptible to information disclosure. For Debian 10 buster, this problem has been fixed in version

Debian LTS: DLA-3280-1: libde265 security update

Multiple issues were found in libde265, an open source implementation of the H.265 video codec, which may result in denial of service or have unspecified other impact.

CVEMAP.ORG: Vulnerabilities & Exposures

Medium CVE-2022-36728: Library management system project Library management system
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the RollNo parameter at /staff/delstu.php.

Low CVE-2021-30071: Hestiacp Hestiacp
A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

Low CVE-2022-36880: Webmin Usermin
The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message.

Medium CVE-2022-29286: Pexip Pexip infinity
Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling.

OS: Slackware

Slackware: 2023-020-02: seamonkey Security Update

New seamonkey packages are available for Slackware 15.0 and -current to fix security issues.

Slackware: 2023-020-01: mozilla-thunderbird Security Update

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues.

Slackware: 2023-018-01: sudo Security Update

New sudo packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue.

Slackware: 2023-018-04: mozilla-firefox Security Update

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues.

OS: Suse

SUSE: 2023:206-1 bci/rust Security Update

The container bci/rust was updated. The following patches have been included in this update:

SUSE: 2023:205-1 bci/rust Security Update

The container bci/rust was updated. The following patches have been included in this update:

SUSE: 2023:195-1 suse/sle-micro/5.3/toolbox Security Update

The container suse/sle-micro/5.3/toolbox was updated. The following patches have been included in this update:

SUSE: 2023:9-1 suse-sles-15-sp4-chost-byos-v20230111-hvm-ssd-x86_64 Security Update

The container suse-sles-15-sp4-chost-byos-v20230111-hvm-ssd-x86_64 was updated. The following patches have been included in this update: