The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2023-37329 | Heap-based buffer overflow in the PGS blu-ray subtitle decoder when handling certain files in GStreamer versions before 1.22.4. | -- | Jul 9, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-37328 | Heap-based buffer overflow in the subparse subtitle parser when handling certain SRT subtitle files in GStreamer versions before 1.22.4. | -- | Jul 9, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-37327 | Heap-based buffer overflow in the FLAC parser when handling malformed image tags in GStreamer versions before 1.22.4. | -- | Jul 9, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-36617 | A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version. | -- | Jun 29, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-36328 | Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS). | -- | Sep 6, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-36054 | lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count. | -- | Jul 9, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-35828 | An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c. | -- | Jun 20, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-35827 | An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c. | -- | Jun 20, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-35825 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-3141. Reason: This candidate is a reservation duplicate of CVE-2023-3141. Notes: All CVE users should reference CVE-2023-3141 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | -- | Nov 7, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-35824 | An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c. | -- | Jun 20, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-35823 | An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c. | -- | Jun 20, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-35789 | An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments. | -- | Jun 17, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-35788 | An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation. | -- | Jun 17, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-35001 | Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace | -- | Jul 5, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-34969 | D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6. | -- | Jun 8, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-34872 | A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open. | -- | Jul 31, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-34324 | Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g. triggered by removal of a paravirtual device on the other side. As this action will cause console messages to be issued on the other side quite often, the chance of triggering the deadlock is not neglectable. Note that 32-bit Arm-guests are not affected, as the 32-bit Linux kernel on Arm doesn\'t use queued-RW-locks, which are required to trigger the issue (on Arm32 a waiting writer doesn\'t block further readers to get the lock). | -- | Jan 5, 2024 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-34319 | The fix for XSA-423 added logic to Linux\'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn\'t account for the extreme case of the entire packet being split into as many pieces as permitted by the protocol, yet still being smaller than the area that\'s specially dealt with to keep all (possible) headers together. Such an unusual packet would therefore trigger a buffer overrun in the driver. | -- | Aug 9, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-34256 | An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated When modifying the block device while it is mounted by the filesystem access. | -- | Jun 1, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-34255 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-2124. Reason: This candidate is a duplicate of CVE-2023-2124. Notes: All CVE users should reference CVE-2023-2124 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | -- | Jun 1, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-34241 | OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process. The exact cause of this issue is the function `httpClose(con->http)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`. Version 2.4.6 has a patch for this issue. | -- | Jun 26, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-34059 | open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs. | -- | Oct 27, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-34058 | VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . | -- | Oct 27, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-33460 | There\'s a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash. | -- | Jun 6, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-33288 | An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition. | -- | May 22, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-33204 | sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. | -- | May 18, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-32723 | Request to LDAP is sent before user permissions are checked. | -- | Aug 10, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-32681 | Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0. | -- | May 23, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-32665 | A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service. | -- | Jun 6, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-32643 | A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665. | -- | Jun 6, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-32636 | A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499. | -- | Jun 6, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-32611 | A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service. | -- | Jun 6, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-32269 | An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability. | -- | May 11, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-32233 | In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. | -- | May 9, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-32067 | c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1. | -- | May 23, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-31975 | yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c. | -- | May 9, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-31486 | HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. | -- | May 4, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-31484 | CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. | -- | May 4, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-31436 | qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. | -- | Apr 28, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-31147 | c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the random number generator is fed into a non-compilant RC4 implementation and may not be as strong as the original RC4 implementation. No attempt is made to look for modern OS-provided CSPRNGs like arc4random() that is widely available. This issue has been fixed in version 1.19.1. | -- | May 23, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-31130 | c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular 0::00:00:00/2 was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1. | -- | May 23, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-31124 | c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1. | -- | May 23, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-31085 | An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0. | -- | Apr 24, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-31084 | An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process. | -- | Apr 24, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-30775 | A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c. | -- | Apr 19, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-30774 | A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values. | -- | Apr 19, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-30772 | The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device. | -- | Apr 17, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-30630 | Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. | -- | Apr 13, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-30608 | sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of Service (DoS). This issues has been fixed in sqlparse 0.4.4 by commit `c457abd5f`. Users are advised to upgrade. There are no known workarounds for this issue. | -- | Apr 18, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2023-30456 | An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4. | -- | Apr 10, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
