The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2023-32067 | c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1. | -- | May 23, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-31147 | c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the random number generator is fed into a non-compilant RC4 implementation and may not be as strong as the original RC4 implementation. No attempt is made to look for modern OS-provided CSPRNGs like arc4random() that is widely available. This issue has been fixed in version 1.19.1. | -- | May 23, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-31130 | c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular 0::00:00:00/2 was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1. | -- | May 23, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-31124 | c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1. | -- | May 23, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-33288 | An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition. | -- | May 22, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-33204 | sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. | -- | May 18, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-28322 | An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. | LOW | May 18, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-28321 | An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as Subject Alternative Name in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`. | LOW | May 18, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-28320 | A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave. | LOW | May 18, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-2731 | A NULL pointer dereference flaw was found in Libtiff\'s LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service. | -- | May 18, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-2603 | A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB. | -- | May 16, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-29402 | The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via go get, are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected). | -- | May 15, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-32269 | An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability. | -- | May 11, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-2610 | Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532. | -- | May 10, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-32233 | In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. | -- | May 9, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-31975 | yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy. | -- | May 9, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-30086 | Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c. | -- | May 9, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-2609 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. | -- | May 9, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-2455 | Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. | -- | May 9, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-2454 | schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code. | -- | May 9, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-2513 | A use-after-free vulnerability was found in the Linux kernel\'s ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. | -- | May 5, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-2483 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | -- | May 5, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-1999 | There exists a use after free/double free in libwebp. An attacker can use the??ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. | -- | May 5, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-31486 | HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. | -- | May 4, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-31484 | CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. | -- | May 4, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-2426 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499. | -- | May 1, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-2248 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was the duplicate of CVE-2023-31436. | -- | May 1, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-31436 | qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. | -- | Apr 28, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-29007 | Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to inject arbitrary configuration into a user\'s `$GIT_DIR/config` when attempting to remove the configuration section associated with that submodule. When the attacker injects configuration values which specify executables to run (such as `core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote code execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running `git submodule deinit` on untrusted repositories or without prior inspection of any submodule sections in `$GIT_DIR/config`. | -- | Apr 25, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-25652 | Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists. | -- | Apr 25, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-2269 | A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. | -- | Apr 25, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-2007 | The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. | -- | Apr 25, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-31085 | An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0. | -- | Apr 24, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-31084 | An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process. | -- | Apr 24, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-2222 | Rejected reason: This was deemed not a security vulnerability by upstream. | LOW | Apr 23, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-29400 | Templates containing actions in unquoted HTML attributes (e.g. attr={{.}}) executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags. | -- | Apr 21, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-24540 | Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set \\t\\n\\f\\r\\u0020\\u2028\\u2029 in JavaScript contexts that also contain actions may not be properly sanitized during execution. | -- | Apr 21, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-24539 | Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a \'/\' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input. | -- | Apr 21, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-2124 | An out-of-bounds memory access flaw was found in the Linux kernel???s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system. | -- | Apr 20, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-0459 | Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the access_ok check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47 | -- | Apr 20, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-0458 | A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the \'rlim\' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or commit 739790605705ddcf18f21782b9c99ad7d53a8c11 | -- | Apr 20, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-30775 | A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c. | -- | Apr 19, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-30774 | A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values. | -- | Apr 19, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-30608 | sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of Service (DoS). This issues has been fixed in sqlparse 0.4.4 by commit `c457abd5f`. Users are advised to upgrade. There are no known workarounds for this issue. | -- | Apr 18, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-28856 | Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue. | -- | Apr 18, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-30772 | The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device. | -- | Apr 17, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-2008 | A flaw was found in the Linux kernel\'s udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. | -- | Apr 17, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-2002 | A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. | -- | Apr 17, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | -- | Apr 15, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-29383 | In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that cat /etc/passwd shows a rogue user account. | -- | Apr 14, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
