SB2025012089 - Multiple vulnerabilities in Dell XtremIO X2




Published: January 20, 2025 Updated: January 9, 2026

Security Bulletin ID: SB2025012089
Severity: High
Patch available: YES
Number of vulnerabilities: 66
Exploitation vector: Remote access
Highest impact: Data manipulation

Breakdown by Severity

High 18%, Medium 29%, Low 53%

Description

This security bulletin contains information about 66 security vulnerabilities.


1) Out-of-bounds write (CVE-ID: CVE-2020-22218)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to usage of an uninitialized value within the _libssh2_transport_read() function in transport.c. A remote attacker can pass specially crafted input to the application, trigger memory corruption and perform a denial of service (DoS) attack.


2) Information disclosure (CVE-ID: CVE-2016-2183)

The vulnerability allows a remote attacker to decrypt transmitted data.

The vulnerability exists because a remote attacker who controls the network can capture a long-duration session encrypted with 3DES in CBC mode, during which part of the text becomes visible. If the data is sent repeatedly, the attacker can read that part and reconstruct the whole text.

Successful exploitation of this vulnerability may allow a remote attacker to decode transmitted data. This vulnerability is known as SWEET32.


3) Untrusted search path (CVE-ID: CVE-2023-38408)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to usage of an insecure search path within the PKCS#11 feature in ssh-agent. A remote attacker can trick the victim into connecting to a malicious SSH server and execute arbitrary code on the system, if an agent is forwarded to an attacker-controlled system.

Note, this vulnerability exists due to an incomplete fix for #VU2015 (CVE-2016-10009).


4) Reachable Assertion (CVE-ID: CVE-2020-25710)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when processing LDAP requests in slapd within the csnNormalize23() function in schema_init.c. A remote attacker can send a specially crafted packet to the server, trigger an assertion failure and crash the daemon.


5) Reachable Assertion (CVE-ID: CVE-2020-25709)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion in the certificateListValidate() function in schema_init.c. A remote attacker can send a specially crafted packet to the slapd daemon, trigger an assertion failure and crash the service.


6) Out-of-bounds write (CVE-ID: CVE-2023-0767)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a boundary error when processing PKCS 12 Safe Bag attributes. A remote attacker can create a specially crafted PKCS 12 cert bundle, trick the victim into loading it, trigger an out-of-bounds write and execute arbitrary code on the target system.


7) Heap-based buffer overflow (CVE-ID: CVE-2021-43527)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when handling DER-encoded DSA or RSA-PSS signatures. A remote attacker can send specially crafted signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


8) Integer overflow (CVE-ID: CVE-2022-42898)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to an integer overflow within the S4U2Proxy handler on 32-bit systems. A remote user can send a specially crafted request to the KDC server, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


9) Type Confusion (CVE-ID: CVE-2023-0286)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a type confusion error related to X.400 address processing inside an X.509 GeneralName. A remote attacker can pass specially crafted data to the application, trigger a type confusion error and perform a denial of service (DoS) attack or read memory contents.

In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.


10) Memory leak (CVE-ID: CVE-2020-25704)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the Linux kernel performance monitoring subsystem when using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the system of resources, causing a denial of service.


11) Use-after-free (CVE-ID: CVE-2022-42703)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within mm/rmap.c in the Linux kernel, related to leaf anon_vma double reuse. A local user can trigger a use-after-free error and crash the kernel.


12) Improper Resource Shutdown or Release (CVE-ID: CVE-2020-36322)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists in the FUSE filesystem implementation in the Linux kernel because fuse_do_getattr() calls make_bad_inode() in inappropriate situations. A local user can run a specially crafted program to trigger a kernel crash.

Note, the vulnerability exists due to an incomplete fix for #VU58207 (CVE-2021-28950).


13) Use-after-free (CVE-ID: CVE-2021-0920)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the unix_scm_to_skb() function of af_unix.c in the Linux kernel. A local user can run a specially crafted program to trigger a race condition and execute arbitrary code with elevated privileges.



14) Out-of-bounds write (CVE-ID: CVE-2020-0465)

The vulnerability allows an attacker with physical access to escalate privileges on the system.

The vulnerability exists due to an out-of-bounds write in various methods of hid-multitouch.c. An attacker with physical access can trigger an out-of-bounds write and escalate privileges on the system.


15) Stack-based buffer overflow (CVE-ID: CVE-2022-4378)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the __do_proc_dointvec() function. A local user can trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.


16) Input validation error (CVE-ID: CVE-2021-23840)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input during EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate calls. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


17) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-31676)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists because the application does not properly impose security restrictions. A local unprivileged user on the guest OS can execute arbitrary code as a root user in the virtual machine.


18) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-22942)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an error in the vmwgfx driver in the Linux kernel. A local unprivileged user can gain access to files opened by other processes on the system through a dangling 'file' pointer.

Exploiting this vulnerability requires an attacker to have access to either /dev/dri/card0 or /dev/dri/rendererD128 and be able to issue an ioctl() on the resulting file descriptor.


19) Heap-based buffer overflow (CVE-ID: CVE-2022-24903)

The vulnerability allows a remote attacker to perform a denial of service or potentially execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when parsing data in the imtcp, imptcp, imgssapi, and imhttp modules used for TCP syslog reception. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and cause a denial of service or potentially execute arbitrary code on the target system.

Successful exploitation of this vulnerability is possible if the attacker is able to directly send specially crafted messages to the rsyslog daemon or by injecting specially crafted data into log files. Vulnerability exploitation in the second scenario requires that the rsyslog client supports octet-counted framing, which is not a default configuration.


20) Input validation error (CVE-ID: CVE-2023-22809)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists within the sudoedit (aka -e) feature due to insufficient validation of user-supplied input passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR). The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value. A local user can append arbitrary entries to the list of files to process and escalate privileges on the system.


21) LDAP injection (CVE-ID: CVE-2022-4254)

The vulnerability allows a remote attacker to bypass the authentication process.

The vulnerability exists due to improper input validation in the libsss_certmap functionality when validating data used in LDAP queries. A remote non-authenticated attacker can use a specially crafted certificate to bypass the authentication process and gain control of the admin account, leading to full domain takeover.


22) Improper access control (CVE-ID: CVE-2016-2124)

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists because SMB1 client connections can be downgraded to plaintext authentication. A remote attacker can perform a man-in-the-middle attack and downgrade a negotiated SMB1 client connection and its capabilities.


23) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-25717)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists because Windows Active Directory (AD) domains have, by default, a feature that allows users to create computer accounts. A remote authenticated attacker can create such an account with elevated privileges on the system.


24) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2022-38023)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to security features bypass in Netlogon RPC. A remote attacker can bypass the Netlogon cryptography feature for signing and sealing traffic during Netlogon authentication.


25) Path traversal (CVE-ID: CVE-2022-29154)

The vulnerability allows a remote server to perform directory traversal attacks.

The vulnerability exists due to an input validation error within the rsync client when processing file names. A malicious remote server can overwrite arbitrary files in the rsync client target directory and subdirectories on the connected peer.


26) Cryptographic issues (CVE-ID: CVE-2023-20900)

The vulnerability allows a remote attacker to perform a MitM attack.

The vulnerability exists due to improper verification of SAML token signature. A remote attacker can bypass SAML token signature verification and perform man-in-the-middle (MITM) network positioning between vCenter server and the virtual machine.


27) Resource exhaustion (CVE-ID: CVE-2023-44271)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the application does not properly control consumption of internal resources in ImageFont. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


28) Exposed dangerous method or function (CVE-ID: CVE-2022-22817)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to usage of the PIL.ImageMath.eval() function on arbitrary expressions. A remote attacker can pass a specially crafted file to the library and execute arbitrary code on the system.


29) Input validation error (CVE-ID: CVE-2023-24329)

The vulnerability allows a remote attacker to bypass implemented filters.

The vulnerability exists due to insufficient validation of URLs that start with blank characters within the urllib.parse component of Python. A remote attacker can pass a specially crafted URL to bypass existing filters.


30) Input validation error (CVE-ID: CVE-2021-4034)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper handling of the calling parameters count in the pkexec setuid binary, which causes the binary to execute environment variables as commands. A local user can craft environment variables in a way that they will be processed and executed by pkexec and execute arbitrary commands on the system as root.


31) Improper access control (CVE-ID: CVE-2023-34059)

The vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in the vmware-user-suid-wrapper. A local attacker can hijack the /dev/uinput file descriptor allowing them to simulate user inputs.


32) Improper Authorization (CVE-ID: CVE-2023-34058)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to an error when handling SAML token signature. A remote attacker that has been granted Guest Operation Privileges in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias.


33) Use-after-free (CVE-ID: CVE-2023-32233)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in Netfilter nf_tables when processing batch requests. A local user can trigger a use-after-free error and execute arbitrary code with root privileges.


34) Use-after-free (CVE-ID: CVE-2022-3564)

The vulnerability allows an attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error within the l2cap_reassemble_sdu() function in net/bluetooth/l2cap_core.c. An attacker with physical access to the device can trigger a use-after-free error and execute arbitrary code on the system.


35) Link following (CVE-ID: CVE-2023-25652)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a symlink following issue in "git apply --reject". A local user can create a specially crafted symbolic link to write files outside of the worktree.


36) Out-of-bounds write (CVE-ID: CVE-2023-35001)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the nft_byteorder() function. A local user can trigger an out-of-bounds write and execute arbitrary code on the target system.


37) HTTP response splitting (CVE-ID: CVE-2023-25690)

The vulnerability allows a remote attacker to perform HTTP splitting attacks.

The vulnerability exists because the software does not correctly process CRLF character sequences in mod_rewrite and mod_proxy. A remote attacker can send a specially crafted request containing a CRLF sequence and make the application send a split HTTP response.

Successful exploitation of the vulnerability may allow an attacker to perform a cache poisoning attack.


38) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2021-40438)

The disclosed vulnerability allows a remote attacker to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input within the mod_proxy module in Apache HTTP Server. A remote attacker can send a specially crafted HTTP request with a chosen uri-path and trick the web server into initiating requests to arbitrary systems.

Successful exploitation of this vulnerability may allow a remote attacker to gain access to sensitive data located in the local network or to send malicious requests to other servers from the vulnerable system.


39) Improper input validation (CVE-ID: CVE-2016-2161)

The vulnerability allows a remote attacker to cause a denial of service attack.

The vulnerability exists due to an input validation error in the mod_auth_digest module when parsing malicious HTTP requests. A remote attacker can send a specially crafted HTTP request to the affected server and cause a server crash.

Successful exploitation of the vulnerability will result in a crash of each server instance.

40) Input validation error (CVE-ID: CVE-2022-1271)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation when processing filenames with two or more newlines. A remote attacker can force zgrep or xzgrep to write arbitrary files on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the affected system.


41) Input validation error (CVE-ID: CVE-2023-29007)

The vulnerability allows an attacker to tamper with Git configuration.

The vulnerability exists due to insufficient input validation in "git submodule deinit" when renaming or deleting a section from a configuration file. A remote attacker can trick the victim into running the command with a malicious configuration file and tamper with Git configuration on the affected system.


42) Input validation error (CVE-ID: CVE-2021-42574)

The vulnerability allows an attacker to bypass certain security checks.

The vulnerability exists in the Bidirectional Algorithm in the Unicode Specification. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters.

An attacker can leverage this behavior to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers.


43) Use-after-free (CVE-ID: CVE-2023-3609)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the Linux kernel net/sched: cls_u32 component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


44) OS Command Injection (CVE-ID: CVE-2022-48339)

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation within the hfy-istext-command() function when parsing the "file" and "srcdir" parameters, if a file name or directory name contains a shell metacharacter. A remote attacker can execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


45) SQL injection (CVE-ID: CVE-2022-24407)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.

The vulnerability exists due to insufficient sanitization of the password in the SQL plugin shipped with Cyrus SASL. A remote non-authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete or modify data in the database and gain complete control over the affected application.


46) Input validation error (CVE-ID: CVE-2023-32067)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when processing DNS responses. A remote attacker can send a specially crafted DNS response to the application and perform a denial of service (DoS) attack.


47) Resource exhaustion (CVE-ID: CVE-2023-3341)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the application does not properly control consumption of internal resources when handling control channel messages. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


48) Resource exhaustion (CVE-ID: CVE-2023-2828)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the application does not properly control consumption of internal resources. A remote attacker can cause the amount of memory used by a named resolver to go well beyond the configured max-cache-size limit. The effectiveness of the attack depends on a number of factors (e.g. query load, query patterns), but since the default value of the max-cache-size statement is 90%, in the worst case the attacker can exhaust all available memory on the host running named, leading to a denial-of-service condition.


49) Out-of-bounds write (CVE-ID: CVE-2023-35788)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the fl_set_geneve_opt() function in net/sched/cls_flower.c in the Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.


50) Out-of-bounds write (CVE-ID: CVE-2023-3611)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the qfq_change_agg() function in net/sched/sch_qfq.c within the Linux kernel net/sched: sch_qfq component. A local user can trigger an out-of-bounds write and execute arbitrary code on the target system.


51) Use-after-free (CVE-ID: CVE-2022-42896)

The vulnerability allows an attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error within the l2cap_connect() and l2cap_le_connect_req() functions in net/bluetooth/l2cap_core.c. An attacker with physical proximity to the affected device can trigger a use-after-free error and execute arbitrary code on the system.



52) Use-after-free (CVE-ID: CVE-2020-36385)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in drivers/infiniband/core/ucma.c, because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called. A local user can run a specially crafted program to trigger the use-after-free error and execute arbitrary code with elevated privileges.


53) Race condition (CVE-ID: CVE-2022-1729)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within sys_perf_event_open() in the Linux kernel. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.


54) Use-after-free (CVE-ID: CVE-2022-32250)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error involving an incorrect NFT_STATEFUL_EXPR in net/netfilter/nf_tables_api.c in the Linux kernel. A local user with the ability to create user/net namespaces can execute arbitrary code with root privileges.


55) Use-after-free (CVE-ID: CVE-2021-3752)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the Linux kernel’s Bluetooth subsystem when a user calls connect to the socket and disconnect simultaneously. A local user can escalate privileges on the system.


56) Buffer overflow (CVE-ID: CVE-2022-0330)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a random memory access flaw caused by a missing TLB flush in the Linux kernel's GPU i915 driver functionality. A local user can execute arbitrary code on the system with elevated privileges.


57) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-0492)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a logic error within the cgroup_release_agent_write() function in kernel/cgroup/cgroup-v1.c. A local user can use the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation.


58) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-0466)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an unspecified error related to the I/O subsystem in the kernel. A local user can elevate privileges on the system.


59) Use-after-free (CVE-ID: CVE-2023-4921)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the qfq_dequeue() function within the Linux kernel's net/sched: sch_qfq component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


60) Use-after-free (CVE-ID: CVE-2023-3776)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the Linux kernel's net/sched: cls_fw component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


61) Use-after-free (CVE-ID: CVE-2024-1086)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the netfilter nf_tables component in the Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code on the system.


62) Use-after-free (CVE-ID: CVE-2023-4623)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the Linux kernel net/sched: sch_hfsc (HFSC qdisc traffic control) component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


63) Out-of-bounds write (CVE-ID: CVE-2023-42753)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the netfilter subsystem in the Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.


64) Use-after-free (CVE-ID: CVE-2023-4208)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cls_u32 component in the Linux kernel packet scheduler. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


65) Use-after-free (CVE-ID: CVE-2023-4207)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cls_fw component in the Linux kernel packet scheduler. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


66) Use-after-free (CVE-ID: CVE-2023-4206)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cls_route component in the Linux kernel packet scheduler. A local user can trigger a use-after-free error and execute arbitrary code on the system.


Remediation

Install the update from the vendor's website.
