ALT-BU-2023-2524-1
Branch sisyphus update bulletin.
Closed vulnerabilities
BDU:2023-00665
Уязвимость функции GENERAL_NAME_cmp библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
CVE-2023-0286
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.
- https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt
- https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt
- https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig
- https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig
- 1.1.1t git commit
- 1.1.1t git commit
- 3.0.8 git commit
- 3.0.8 git commit
- 1.0.2zg patch (premium)
- 1.0.2zg patch (premium)
- https://security.gentoo.org/glsa/202402-08
- https://security.gentoo.org/glsa/202402-08
- OpenSSL Advisory
- OpenSSL Advisory
Closed bugs
gajim 1.6.1 -> 1.7.0 upgrade is broken
Package kernel-image-centos updated to version 5.14.0.259-alt1.el9 for branch sisyphus in task 314777.
Closed vulnerabilities
BDU:2022-04878
Уязвимость ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код
BDU:2023-00381
Уязвимость функции rawv6_push_pending_frames() (net/ipv6/raw.c) службы обработки трафика ipv6 ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2023-00382
Уязвимость компонента ALSA:pcm (звуковой подсистемы) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании и получить несанкционированный доступ к защищаемой информации
Modified: 2024-11-21
CVE-2021-33655
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
- [oss-security] 20220719 CVE-2021-33655: Linux kernel: When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.(5.18 5.19.0-rc1)
- [oss-security] 20220719 CVE-2021-33655: Linux kernel: When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.(5.18 5.19.0-rc1)
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=086ff84617185393a0bbf25830c4f36412a7d3f4
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=086ff84617185393a0bbf25830c4f36412a7d3f4
- [debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update
- [debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update
- DSA-5191
- DSA-5191
Modified: 2025-03-14
CVE-2023-0266
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.10/alsa-pcm-move-rwsem-lock-inside-snd_ctl_elem_read-to-prevent-uaf.patch?id=72783cf35e6c55bca84c4bb7b776c58152856fd4
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.10/alsa-pcm-move-rwsem-lock-inside-snd_ctl_elem_read-to-prevent-uaf.patch?id=72783cf35e6c55bca84c4bb7b776c58152856fd4
- https://github.com/torvalds/linux/commit/56b88b50565cd8b946a2d00b0c83927b7ebb055e
- https://github.com/torvalds/linux/commit/56b88b50565cd8b946a2d00b0c83927b7ebb055e
- https://github.com/torvalds/linux/commit/becf9e5d553c2389d857a3c178ce80fdb34a02e1
- https://github.com/torvalds/linux/commit/becf9e5d553c2389d857a3c178ce80fdb34a02e1
- https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html
- https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html
Modified: 2025-03-31
CVE-2023-0394
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb3e9864cdbe35ff6378966660edbcbac955fe17
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb3e9864cdbe35ff6378966660edbcbac955fe17
- [debian-lts-announce] 20230302 [SECURITY] [DLA 3349-1] linux-5.10 security update
- [debian-lts-announce] 20230302 [SECURITY] [DLA 3349-1] linux-5.10 security update
- [debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update
- [debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update
- https://security.netapp.com/advisory/ntap-20230302-0005/
- https://security.netapp.com/advisory/ntap-20230302-0005/
Closed bugs
Не работают опции выбора размера значков панели инструментов Mousepad
Closed bugs
Подсветка синтаксиса bash в vim работает неправильно