[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Oct 11 21:12:26 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f798f506 by security tracker role at 2023-10-11T20:12:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,150 @@
-CVE-2023-44981
+CVE-2023-5535 (Use After Free in GitHub repository vim/vim prior to v9.0.2010.)
+ TODO: check
+CVE-2023-5521 (Incorrect Authorization in GitHub repository tiann/kernelsu prior to v ...)
+ TODO: check
+CVE-2023-5520 (Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.)
+ TODO: check
+CVE-2023-4957 (A vulnerability of authentication bypass has been found on a Zebra Tec ...)
+ TODO: check
+CVE-2023-4936 (It is possible to sideload a compromised DLL during the installation a ...)
+ TODO: check
+CVE-2023-45396 (An Insecure Direct Object Reference (IDOR) vulnerability leads to even ...)
+ TODO: check
+CVE-2023-44962 (File Upload vulnerability in Koha Library Software 23.05.04 and before ...)
+ TODO: check
+CVE-2023-44961 (SQL Injection vulnerability in Koha Library Software 23.0.5.04 and bef ...)
+ TODO: check
+CVE-2023-44186 (An Improper Handling of Exceptional Conditions vulnerability in AS PAT ...)
+ TODO: check
+CVE-2023-44119 (Vulnerability of mutual exclusion management in the kernel module.Succ ...)
+ TODO: check
+CVE-2023-44118 (Vulnerability of undefined permissions in the MeeTime module.Successfu ...)
+ TODO: check
+CVE-2023-44116 (Vulnerability of access permissions not being strictly verified in the ...)
+ TODO: check
+CVE-2023-44114 (Out-of-bounds array vulnerability in the dataipa module.Successful exp ...)
+ TODO: check
+CVE-2023-44111 (Vulnerability of brute-force attacks on the device authentication modu ...)
+ TODO: check
+CVE-2023-44110 (Out-of-bounds access vulnerability in the audio module.Successful expl ...)
+ TODO: check
+CVE-2023-44109 (Clone vulnerability in the huks ta module.Successful exploitation of t ...)
+ TODO: check
+CVE-2023-44108 (Type confusion vulnerability in the distributed file module.Successful ...)
+ TODO: check
+CVE-2023-44107 (Vulnerability of defects introduced in the design process in the scree ...)
+ TODO: check
+CVE-2023-44106 (API permission management vulnerability in the Fwk-Display module.Succ ...)
+ TODO: check
+CVE-2023-44105 (Vulnerability of permissions not being strictly verified in the window ...)
+ TODO: check
+CVE-2023-44104 (Broadcast permission control vulnerability in the Bluetooth module.Suc ...)
+ TODO: check
+CVE-2023-44103 (Out-of-bounds read vulnerability in the Bluetooth module.Successful ex ...)
+ TODO: check
+CVE-2023-44102 (Broadcast permission control vulnerability in the Bluetooth module.Suc ...)
+ TODO: check
+CVE-2023-44101 (The Bluetooth module has a vulnerability in permission control for bro ...)
+ TODO: check
+CVE-2023-44100 (Broadcast permission control vulnerability in the Bluetooth module.Suc ...)
+ TODO: check
+CVE-2023-44097 (Vulnerability of the permission to access device SNs being improperly ...)
+ TODO: check
+CVE-2023-44096 (Vulnerability of brute-force attacks on the device authentication modu ...)
+ TODO: check
+CVE-2023-44095 (Use-After-Free (UAF) vulnerability in the surfaceflinger module.Succes ...)
+ TODO: check
+CVE-2023-44094 (Type confusion vulnerability in the distributed file module.Successful ...)
+ TODO: check
+CVE-2023-44093 (Vulnerability of package names' public keys not being verified in the ...)
+ TODO: check
+CVE-2023-43960 (An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to e ...)
+ TODO: check
+CVE-2023-43661 (Cachet, the open-source status page system. Prior to the 2.4 branch, a ...)
+ TODO: check
+CVE-2023-42138 (Out-of-bounds read vulnerability exists in KV STUDIO Ver. 11.62 and ea ...)
+ TODO: check
+CVE-2023-41882 (vantage6 is privacy preserving federated learning infrastructure. The ...)
+ TODO: check
+CVE-2023-41881 (vantage6 is privacy preserving federated learning infrastructure. When ...)
+ TODO: check
+CVE-2023-41304 (Parameter verification vulnerability in the window module.Successful e ...)
+ TODO: check
+CVE-2023-40142 (In TBD of TBD, there is a possible way to bypass carrier restrictions ...)
+ TODO: check
+CVE-2023-40141 (In temp_residency_name_store of thermal_metrics.c, there is a possible ...)
+ TODO: check
+CVE-2023-38817 (An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attac ...)
+ TODO: check
+CVE-2023-38217 (Adobe Bridge versions 12.0.4 (and earlier) and 13.0.3 (and earlier) ar ...)
+ TODO: check
+CVE-2023-38216 (Adobe Bridge versions 12.0.4 (and earlier) and 13.0.3 (and earlier) ar ...)
+ TODO: check
+CVE-2023-37538 (HCL Digital Experience is susceptible to cross site scripting (XSS). O ...)
+ TODO: check
+CVE-2023-35968 (Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_ ...)
+ TODO: check
+CVE-2023-35967 (Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_ ...)
+ TODO: check
+CVE-2023-35966 (Two heap-based buffer overflow vulnerabilities exist in the httpd mana ...)
+ TODO: check
+CVE-2023-35965 (Two heap-based buffer overflow vulnerabilities exist in the httpd mana ...)
+ TODO: check
+CVE-2023-35662 (there is a possible out of bounds write due to buffer overflow. This c ...)
+ TODO: check
+CVE-2023-35661 (In ProfSixDecomTcpSACKoption of RohcPacketCommon.cpp, there is a possi ...)
+ TODO: check
+CVE-2023-35660 (In lwis_transaction_client_cleanup of lwis_transaction.c, there is a p ...)
+ TODO: check
+CVE-2023-35655 (In CanConvertPadV2Op of darwinn_mlir_converter_aidl.cc, there is a pos ...)
+ TODO: check
+CVE-2023-35654 (In ctrl_roi of stmvl53l1_module.c, there is a possible out of bounds r ...)
+ TODO: check
+CVE-2023-35653 (In TBD of TBD, there is a possible way to access location information ...)
+ TODO: check
+CVE-2023-35652 (In ProtocolEmergencyCallListIndAdapter::Init of protocolcalladapter.cp ...)
+ TODO: check
+CVE-2023-35649 (In several functions of Exynos modem files, there is a possible out of ...)
+ TODO: check
+CVE-2023-35648 (In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cp ...)
+ TODO: check
+CVE-2023-35647 (In ProtocolEmbmsGlobalCellIdAdapter::Init() of protocolembmsadapter.cp ...)
+ TODO: check
+CVE-2023-35646 (In TBD of TBD, there is a possible stack buffer overflow due to a miss ...)
+ TODO: check
+CVE-2023-35645 (In tbd of tbd, there is a possible memory corruption due to a race con ...)
+ TODO: check
+CVE-2023-35194 (An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x ...)
+ TODO: check
+CVE-2023-35193 (An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x ...)
+ TODO: check
+CVE-2023-35056 (A buffer overflow vulnerability exists in the httpd next_page function ...)
+ TODO: check
+CVE-2023-35055 (A buffer overflow vulnerability exists in the httpd next_page function ...)
+ TODO: check
+CVE-2023-34426 (A stack-based buffer overflow vulnerability exists in the httpd manage ...)
+ TODO: check
+CVE-2023-34365 (A stack-based buffer overflow vulnerability exists in the libutils.so ...)
+ TODO: check
+CVE-2023-34356 (An OS command injection vulnerability exists in the data.cgi xfer_dns ...)
+ TODO: check
+CVE-2023-34354 (A stored cross-site scripting (XSS) vulnerability exists in the upload ...)
+ TODO: check
+CVE-2023-34346 (A stack-based buffer overflow vulnerability exists in the httpd gwcfg. ...)
+ TODO: check
+CVE-2023-32645 (A leftover debug code vulnerability exists in the httpd debug credenti ...)
+ TODO: check
+CVE-2023-32632 (A command execution vulnerability exists in the validate.so diag_ping_ ...)
+ TODO: check
+CVE-2023-31272 (A stack-based buffer overflow vulnerability exists in the httpd do_wds ...)
+ TODO: check
+CVE-2023-28381 (An OS command injection vulnerability exists in the admin.cgi MVPN_tri ...)
+ TODO: check
+CVE-2023-27380 (An OS command injection vulnerability exists in the admin.cgi USSD_sen ...)
+ TODO: check
+CVE-2023-24479 (An authentication bypass vulnerability exists in the httpd nvram.cgi f ...)
+ TODO: check
+CVE-2023-44981 (Authorization Bypass Through User-Controlled Key vulnerability in Apac ...)
- zookeeper <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2023/10/11/4
NOTE: https://github.com/apache/zookeeper/commit/e2070bed85d8b0c98a5a0045bf92421f473c412e (master)
@@ -75,7 +221,7 @@ CVE-2023-4421
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2238677
NOTE: https://hg.mozilla.org/projects/nss/rev/fc05574c739947d615ab0b2b2b564f01c922eccd
CVE-2023-38546
- {DSA-5523-1}
+ {DSA-5523-1 DLA-3613-1}
- curl 8.3.0-3
NOTE: https://curl.se/docs/CVE-2023-38546.html
NOTE: Fixed in https://github.com/curl/curl/commit/61275672b46d9abb32857404 (curl-8_4_0)
@@ -510,25 +656,30 @@ CVE-2023-34985 (A improper neutralization of special elements used in an os comm
CVE-2023-33301 (An improper access control vulnerability in Fortinet FortiOS 7.2.0 - 7 ...)
NOT-FOR-US: Fortinet
CVE-2023-42670 [Samba AD DC Busy RPC multiple listener DoS]
+ {DSA-5525-1}
- samba 2:4.19.1+dfsg-1
[bullseye] - samba <ignored> (Domain controller functionality is EOLed, see DSA DSA-5477-1)
[buster] - samba <ignored> (Domain controller functionality is EOLed, see DSA-5015-1)
NOTE: https://www.samba.org/samba/security/CVE-2023-42670.html
CVE-2023-42669 ["rpcecho" development server allows Denial of Service via sleep() call on AD DC]
+ {DSA-5525-1}
- samba 2:4.19.1+dfsg-1
[bullseye] - samba <ignored> (Domain controller functionality is EOLed, see DSA DSA-5477-1)
[buster] - samba <ignored> (Domain controller functionality is EOLed, see DSA-5015-1)
NOTE: https://www.samba.org/samba/security/CVE-2023-42669.html
CVE-2023-4091 [SMB clients can truncate files with read-only permissions]
+ {DSA-5525-1}
- samba 2:4.19.1+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2023-4091.html
NOTE: In scope for continued Samba support
CVE-2023-4154 [Samba AD DC password exposure to privileged users and RODCs]
+ {DSA-5525-1}
- samba 2:4.19.1+dfsg-1
[bullseye] - samba <ignored> (Domain controller functionality is EOLed, see DSA DSA-5477-1)
[buster] - samba <ignored> (Domain controller functionality is EOLed, see DSA-5015-1)
NOTE: https://www.samba.org/samba/security/CVE-2023-4154.html
CVE-2023-3961 [smbd allows client access to unix domain sockets on the file system]
+ {DSA-5525-1}
- samba 2:4.19.1+dfsg-1
[buster] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2023-3961.html
@@ -771,6 +922,7 @@ CVE-2023-39189 (A flaw was found in the Netfilter subsystem in the Linux kernel.
CVE-2023-36820 (Micronaut Security is a security solution for applications. Prior to v ...)
NOT-FOR-US: Micronaut Security
CVE-2023-43641 (libcue provides an API for parsing and extracting data from CUE sheets ...)
+ {DSA-5524-1}
- libcue 2.2.1-4.1
NOTE: https://github.com/lipnitsk/libcue/security/advisories/GHSA-5982-x7hv-r9cj
NOTE: https://www.openwall.com/lists/oss-security/2023/10/09/3
@@ -1164,11 +1316,11 @@ CVE-2023-38469
[buster] - avahi <postponed> (Minor issue; can be mitigated by setting disable-user-service-publishing to yes)
NOTE: https://github.com/lathiat/avahi/issues/455
NOTE: https://www.openwall.com/lists/oss-security/2023/10/06/4
-CVE-2023-5402 (ACWE-269: Improper Privilege Management vulnerability existsthat could ...)
+CVE-2023-5402 (A CWE-269: Improper Privilege Management vulnerability exists that cou ...)
NOT-FOR-US: Schneider Electric
-CVE-2023-5399 (ACWE-22: Improper Limitation of a Pathname to a Restricted Directory ( ...)
+CVE-2023-5399 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ...)
NOT-FOR-US: Schneider Electric
-CVE-2023-5391 (ACWE-502:Deserialization of untrusted datavulnerability existsthat cou ...)
+CVE-2023-5391 (A CWE-502: Deserialization of untrusted data vulnerability exists that ...)
NOT-FOR-US: Schneider Electric
CVE-2023-5377 (Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV.)
- gpac <unfixed>
@@ -7146,7 +7298,7 @@ CVE-2023-32078 (Netmaker makes networks with WireGuard. An Insecure Direct Objec
CVE-2023-32077 (Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0 ...)
NOT-FOR-US: Netmaker
CVE-2023-40217 (An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, ...)
- {DLA-3575-1}
+ {DLA-3614-1 DLA-3575-1}
- python3.12 3.12.0~rc1-2
- python3.11 3.11.5-1
- python3.10 3.10.13-1
@@ -7523,7 +7675,7 @@ CVE-2022-48570 (Crypto++ through 8.4 contains a timing side channel in ECDSA sig
NOTE: functionality reasons.
TODO: check details on upstream fix (in 8.4?)
CVE-2022-48566 (An issue was discovered in compare_digest in Lib/hmac.py in Python thr ...)
- {DLA-3575-1}
+ {DLA-3614-1 DLA-3575-1}
- python3.9 3.9.1~rc1-1
- python3.7 <removed>
- python2.7 <removed>
@@ -7535,7 +7687,7 @@ CVE-2022-48566 (An issue was discovered in compare_digest in Lib/hmac.py in Pyth
NOTE: https://github.com/python/cpython/commit/8bef9ebb1b88cfa4b2a38b93fe4ea22015d8254a (v3.6.13)
NOTE: https://github.com/python/cpython/issues/84968
CVE-2022-48565 (An XML External Entity (XXE) issue was discovered in Python through 3. ...)
- {DLA-3575-1}
+ {DLA-3614-1 DLA-3575-1}
- python3.9 3.9.1~rc1-1
- python3.7 <removed>
- python2.7 <removed>
@@ -7548,6 +7700,7 @@ CVE-2022-48565 (An XML External Entity (XXE) issue was discovered in Python thro
NOTE: https://github.com/python/cpython/commit/e512bc799e3864fe3b1351757261762d63471efc (v3.7.10)
NOTE: https://github.com/python/cpython/commit/a158fb9c5138db94adf24fbc5690467cda811163 (v3.6.13)
CVE-2022-48564 (read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a po ...)
+ {DLA-3614-1}
- python3.9 3.9.1~rc1-1
- python3.7 <removed>
- python2.7 <not-affected> (In 2.7, the plistlib parser only supports XML and not the affected binary format)
@@ -7559,7 +7712,7 @@ CVE-2022-48564 (read_ints in plistlib.py in Python through 3.9.1 is vulnerable t
NOTE: https://github.com/python/cpython/commit/225e3659556616ad70186e7efc02baeebfeb5ec4 (v3.7.10)
NOTE: https://github.com/python/cpython/commit/a63234c49b2fbfb6f0aca32525e525ce3d43b2b4 (v3.6.13)
CVE-2022-48560 (A use-after-free exists in Python through 3.9 via heappushpop in heapq ...)
- {DLA-3575-1}
+ {DLA-3614-1 DLA-3575-1}
- python3.9 <not-affected> (Fixed before initial upload to the archive)
- python3.7 3.7.7-1
- python2.7 <removed>
@@ -28642,8 +28795,8 @@ CVE-2023-28637 (DataEase is an open source data visualization analysis tool. In
CVE-2023-28636 (GLPI is a free asset and IT management software package. Starting in v ...)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2023-28635
- RESERVED
+CVE-2023-28635 (vantage6 is privacy preserving federated learning infrastructure. Prio ...)
+ TODO: check
CVE-2023-28634 (GLPI is a free asset and IT management software package. Starting in v ...)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
@@ -29888,6 +30041,7 @@ CVE-2023-28322 (An information disclosure vulnerability exists in curl <v8.1.0 w
NOTE: Introduced by: https://github.com/curl/curl/commit/546572da0457f37c698c02d0a08d90fdfcbeedec (curl-7_7)
NOTE: Fixed by: https://github.com/curl/curl/commit/7815647d6582c0a4900be2e1de6c5e61272c496b (curl-8_1_0)
CVE-2023-28321 (An improper certificate validation vulnerability exists in curl <v8.1. ...)
+ {DLA-3613-1}
- curl 7.88.1-10 (bug #1036239)
[bullseye] - curl 7.74.0-1.3+deb11u9
NOTE: https://curl.se/docs/CVE-2023-28321.html
@@ -35463,8 +35617,8 @@ CVE-2023-26372 (Adobe Dimension version 3.4.8 (and earlier) is affected by an ou
NOT-FOR-US: Adobe
CVE-2023-26371 (Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-b ...)
NOT-FOR-US: Adobe
-CVE-2023-26370
- RESERVED
+CVE-2023-26370 (Adobe Photoshop versions 23.5.5 (and earlier) and 24.7 (and earlier) a ...)
+ TODO: check
CVE-2023-26369 (Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and ...)
NOT-FOR-US: Adobe
CVE-2023-26368
@@ -42949,8 +43103,8 @@ CVE-2023-23931 (cryptography is a package designed to expose cryptographic primi
[bullseye] - python-cryptography <no-dsa> (Minor issue)
NOTE: https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-vj6r
NOTE: https://github.com/pyca/cryptography/commit/9fbf84efc861668755ab645530ec7be9cf3c6696
-CVE-2023-23930
- RESERVED
+CVE-2023-23930 (vantage6 is privacy preserving federated learning infrastructure. Vers ...)
+ TODO: check
CVE-2023-23929 (vantage6 is a privacy preserving federated learning infrastructure for ...)
NOT-FOR-US: vantage6
CVE-2023-23928 (reason-jose is a JOSE implementation in ReasonML and OCaml.`Jose.Jws.v ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f798f50600d1e9c9c07412e24273a6bb9a47abc8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f798f50600d1e9c9c07412e24273a6bb9a47abc8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231011/9015b906/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list