The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2023-1073 | A memory corruption flaw was found in the Linux kernel???s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system. | -- | Feb 28, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-0461 | There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS??or CONFIG_XFRM_ESPINTCP??has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data??of a struct inet_connection_sock. When CONFIG_TLS??is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt??TCP_ULP??operation does not require any privilege. We recommend upgrading past commit??2c02d41d71f90a5168391b6a5f2954112ba2307c | -- | Feb 28, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-1095 | In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference. | -- | Mar 1, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2022-36021 | Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9. | -- | Mar 1, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-25155 | Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9. | -- | Mar 2, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-1118 | A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | -- | Mar 2, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-27561 | runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. | -- | Mar 3, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-1170 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. | -- | Mar 3, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2022-4645 | LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. | -- | Mar 3, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-1175 | Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. | -- | Mar 4, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-1127 | Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. | -- | Mar 4, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-27522 | HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client. | -- | Mar 7, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-25690 | Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. For example, something like: RewriteEngine on RewriteRule ^/here/(.*) http://example.com:8080/elsewhere?$1; [P] ProxyPassReverse /here/ http://example.com:8080/ Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server. | -- | Mar 7, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2022-45142 | The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding != 0 comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted. | -- | Mar 7, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-1264 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392. | -- | Mar 8, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-1355 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402. | -- | Mar 11, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-28328 | A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service. | -- | Mar 15, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-1382 | A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel. | -- | Mar 15, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-1380 | A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service. | -- | Mar 15, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-28487 | Sudo before 1.9.13 does not escape control characters in sudoreplay output. | -- | Mar 16, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-28486 | Sudo before 1.9.13 does not escape control characters in log messages. | -- | Mar 16, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-28466 | do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). | -- | Mar 16, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-28450 | An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020. | -- | Mar 16, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-1390 | A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition. | -- | Mar 17, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-27538 | An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection. | LOW | Mar 21, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-27536 | An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. | LOW | Mar 21, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-27535 | An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information. | LOW | Mar 21, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-27534 | A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user\'s home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user. | LOW | Mar 21, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-0466 | The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. | LOW | Mar 22, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-0464 | A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy\' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()\' function. | LOW | Mar 22, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-28772 | An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow. | -- | Mar 23, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-24537 | Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow. | -- | Mar 23, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-1513 | A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak. | -- | Mar 24, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-1281 | Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation.??The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when \'tcf_exts_exec()\' is called with the destroyed tcf_ext.??A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2. | -- | Mar 24, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-24538 | Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g. var a = {{.}}), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template.Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported, but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution. | -- | Mar 27, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-1582 | A race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privilege to cause a denial of service. | -- | Mar 27, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-0465 | Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy\' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()\' function. | LOW | Mar 27, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2022-4744 | A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system. | -- | Mar 27, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-1637 | A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unauthorized access to some memory of the CPU similar to the speculative execution behavior kind of attacks. | -- | Mar 28, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-28642 | runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked `/proc`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image. | -- | Mar 30, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2022-44370 | NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856 | -- | Mar 30, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-28879 | In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written. | -- | Mar 31, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-28756 | A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2. | -- | Mar 31, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-28755 | A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1. | -- | Mar 31, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-1670 | A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | -- | Mar 31, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-1393 | A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later. | -- | Apr 2, 2023 | 10.18.44.29 (Wind River Linux LTS 18) |
| CVE-2023-1859 | A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak. | -- | Apr 6, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-1855 | A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem. | -- | Apr 6, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-1838 | A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem. | -- | Apr 6, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
| CVE-2023-30456 | An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4. | -- | Apr 10, 2023 | 10.18.44.30 (Wind River Linux LTS 18) |
