Red Hat Security Advisory 2023-7150-01 - An update for librabbitmq is now available for Red Hat Enterprise Linux 8.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7150.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: librabbitmq security updateAdvisory ID:        RHSA-2023:7150-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7150Issue date:         2023-11-14Revision:           01CVE Names:          CVE-2023-35789====================================================================Summary: An update for librabbitmq is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The librabbitmq packages provide an Advanced Message Queuing Protocol (AMQP) client library that allows you to communicate with AMQP servers using protocol version 0-9-1.Security Fix(es):* rabbitmq-c/librabbitmq: Insecure credentials submission (CVE-2023-35789)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-35789References:https://access.redhat.com/security/updates/classification/#moderatehttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2215762

Red Hat Security Advisory 2023-7150-01

Red Hat Security Advisory 2023-7139-01 - An update for samba, evolution-mapi, and openchangeis now available for Red Hat Enterprise Linux 8. Issues addressed include out of bounds read and path disclosure vulnerabilities.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7139.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: samba security, bug fix, and enhancement updateAdvisory ID:        RHSA-2023:7139-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7139Issue date:         2023-11-14Revision:           01CVE Names:          CVE-2022-2127====================================================================Summary: An update for samba, evolution-mapi, and openchangeis now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.The following packages have been upgraded to a later upstream version: samba (4.18.6). (BZ#2190417)Security Fix(es):* samba: out-of-bounds read in winbind AUTH_CRAP (CVE-2022-2127)* samba: infinite loop in mdssvc RPC service for spotlight (CVE-2023-34966)* samba: type confusion in mdssvc RPC service for spotlight (CVE-2023-34967)* samba: spotlight server-side share path disclosure (CVE-2023-34968)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2022-2127References:https://access.redhat.com/security/updates/classification/#moderatehttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2175385https://bugzilla.redhat.com/show_bug.cgi?id=2190417https://bugzilla.redhat.com/show_bug.cgi?id=2218237https://bugzilla.redhat.com/show_bug.cgi?id=2221594https://bugzilla.redhat.com/show_bug.cgi?id=2221600https://bugzilla.redhat.com/show_bug.cgi?id=2222791https://bugzilla.redhat.com/show_bug.cgi?id=2222793https://bugzilla.redhat.com/show_bug.cgi?id=2222794https://bugzilla.redhat.com/show_bug.cgi?id=2222795https://bugzilla.redhat.com/show_bug.cgi?id=2222884https://bugzilla.redhat.com/show_bug.cgi?id=2232564

Red Hat Security Advisory 2023-7139-01

Red Hat Security Advisory 2023-7116-01 - An update for c-ares is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer overflow vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7116.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: c-ares security updateAdvisory ID:        RHSA-2023:7116-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7116Issue date:         2023-11-14Revision:           01CVE Names:          CVE-2022-4904====================================================================Summary: An update for c-ares is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API.Security Fix(es):* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2022-4904References:https://access.redhat.com/security/updates/classification/#moderatehttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2168631

Red Hat Security Advisory 2023-7116-01

Red Hat Security Advisory 2023-7112-01 - An update for shadow-utils is now available for Red Hat Enterprise Linux 8.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7112.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Low: shadow-utils security and bug fix updateAdvisory ID:        RHSA-2023:7112-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7112Issue date:         2023-11-14Revision:           01CVE Names:          CVE-2023-4641====================================================================Summary: An update for shadow-utils is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The shadow-utils packages include programs for converting UNIX password files to the shadow password format, as well as utilities for managing user and group accounts. Security Fix(es):* shadow-utils: possible password leak during passwd(1) change (CVE-2023-4641)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-4641References:https://access.redhat.com/security/updates/classification/#lowhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=1984740https://bugzilla.redhat.com/show_bug.cgi?id=1994269https://bugzilla.redhat.com/show_bug.cgi?id=2012929https://bugzilla.redhat.com/show_bug.cgi?id=2215945

Red Hat Security Advisory 2023-7112-01

Red Hat Security Advisory 2023-7109-01 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8. Issues addressed include an information leakage vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7109.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: linux-firmware security, bug fix, and enhancement updateAdvisory ID:        RHSA-2023:7109-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7109Issue date:         2023-11-14Revision:           01CVE Names:          CVE-2023-20569====================================================================Summary: An update for linux-firmware is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The linux-firmware packages contain all of the firmware files that are required by various devices to operate.Security Fix(es):* hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-20569References:https://access.redhat.com/security/updates/classification/#moderatehttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2207625

Red Hat Security Advisory 2023-7109-01

Red Hat Security Advisory 2023-7096-01 - An update for python-cryptography is now available for Red Hat Enterprise Linux 8.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7096.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: python-cryptography security updateAdvisory ID:        RHSA-2023:7096-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7096Issue date:         2023-11-14Revision:           01CVE Names:          CVE-2023-23931====================================================================Summary: An update for python-cryptography is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The python-cryptography packages contain a Python Cryptographic Authority's (PyCA's) cryptography library, which provides cryptographic primitives and recipes to Python developers.Security Fix(es):* python-cryptography: memory corruption via immutable objects (CVE-2023-23931)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-23931References:https://access.redhat.com/security/updates/classification/#moderatehttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2171817https://bugzilla.redhat.com/show_bug.cgi?id=2172404

Red Hat Security Advisory 2023-7096-01

Red Hat Security Advisory 2023-7090-01 - An update for libmicrohttpd is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7090.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: libmicrohttpd security updateAdvisory ID:        RHSA-2023:7090-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7090Issue date:         2023-11-14Revision:           01CVE Names:          CVE-2023-27371====================================================================Summary: An update for libmicrohttpd is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application.Security Fix(es):* libmicrohttpd: remote DoS (CVE-2023-27371)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-27371References:https://access.redhat.com/security/updates/classification/#moderatehttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2174313

Red Hat Security Advisory 2023-7090-01

Red Hat Security Advisory 2023-7083-01 - An update for emacs is now available for Red Hat Enterprise Linux 8. Issues addressed include a code execution vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7083.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: emacs security updateAdvisory ID:        RHSA-2023:7083-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7083Issue date:         2023-11-14Revision:           01CVE Names:          CVE-2022-48337====================================================================Summary: An update for emacs is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news.Security Fix(es):* emacs: command execution via shell metacharacters (CVE-2022-48337)* emacs: command injection vulnerability in htmlfontify.el (CVE-2022-48339)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2022-48337References:https://access.redhat.com/security/updates/classification/#moderatehttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2171987https://bugzilla.redhat.com/show_bug.cgi?id=2171989

Red Hat Security Advisory 2023-7083-01

Red Hat Security Advisory 2023-7077-01 - An update for kernel is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow, denial of service, double free, information leakage, memory leak, null pointer, out of bounds access, out of bounds write, and use-after-free vulnerabilities.

The following data is constructed from data provided by Red Hat's json file at:

https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7077.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: kernel security, bug fix, and enhancement update  
Advisory ID:        RHSA-2023:7077-01  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2023:7077  
Issue date:         2023-11-14  
Revision:           01  
CVE Names:          CVE-2021-43975  
====================================================================

Summary: 

An update for kernel is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744)

* kernel: net/sched: multiple vulnerabilities (CVE-2023-3609, CVE-2023-3611, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208)

* kernel: out-of-bounds write in qfq_change_class function (CVE-2023-31436)

* kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait (CVE-2021-43975)

* kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)

* kernel: use after free flaw in l2cap_conn_del (CVE-2022-3640)

* kernel: double free in usb_8dev_start_xmit (CVE-2022-28388)

* kernel: vmwgfx: multiple vulnerabilities (CVE-2022-38457, CVE-2022-40133, CVE-2023-33951, CVE-2023-33952)

* hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982)

* kernel: Information leak in l2cap_parse_conf_req (CVE-2022-42895)

* kernel: KVM: multiple vulnerabilities (CVE-2022-45869, CVE-2023-4155, CVE-2023-30456)

* kernel: memory leak in ttusb_dec_exit_dvb (CVE-2022-45887)

* kernel: speculative pointer dereference in do_prlimit (CVE-2023-0458)

* kernel: use-after-free due to race condition in qdisc_graft (CVE-2023-0590)

* kernel: x86/mm: Randomize per-cpu entry area (CVE-2023-0597)

* kernel: HID: check empty report_list in hid_validate_values (CVE-2023-1073)

* kernel: sctp: fail if no bound addresses can be used for a given scope (CVE-2023-1074)

* kernel: hid: Use After Free in asus_remove (CVE-2023-1079)

* kernel: use-after-free in drivers/media/rc/ene_ir.c (CVE-2023-1118)

* kernel: hash collisions in the IPv6 connection lookup table (CVE-2023-1206)

* kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252)

* kernel: denial of service in tipc_conn_close (CVE-2023-1382)

* kernel: Use after free bug in btsdio_remove due to race condition (CVE-2023-1989)

* kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)

* kernel: ext4: use-after-free in ext4_xattr_set_entry (CVE-2023-2513)

* kernel: fbcon: shift-out-of-bounds in fbcon_set_font (CVE-2023-3161)

* kernel: out-of-bounds access in relay_file_read (CVE-2023-3268)

* kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params (CVE-2023-3772)

* kernel: smsusb: use-after-free caused by do_submit_urb (CVE-2023-4132)

* kernel: Race between task migrating pages and another task calling exit_mmap (CVE-2023-4732)

* Kernel: denial of service in atm_tc_enqueue due to type confusion (CVE-2023-23455)

* kernel: mpls: double free on sysctl allocation failure (CVE-2023-26545)

* kernel: Denial of service issue in az6027 driver (CVE-2023-28328)

* kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow (CVE-2023-28772)

* kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible (CVE-2023-31084)

* kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove (CVE-2023-33203)

* kernel: saa7134: race condition leading to use-after-free in saa7134_finidev (CVE-2023-35823)

* kernel: dm1105: race condition leading to use-after-free in dm1105_remove.c (CVE-2023-35824)

* kernel: r592: race condition leading to use-after-free in r592_remove (CVE-2023-35825)

* kernel: net/tls: tls_is_tx_ready() checked list_entry (CVE-2023-1075)

* kernel: use-after-free bug in remove function xgene_hwmon_remove (CVE-2023-1855)

* kernel: Use after free bug in r592_remove (CVE-2023-3141)

* kernel: gfs2: NULL pointer dereference in gfs2_evict_inode (CVE-2023-3212)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2021-43975

References:

https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/index  
https://access.redhat.com/solutions/7027704  
https://bugzilla.redhat.com/show_bug.cgi?id=1975026  
https://bugzilla.redhat.com/show_bug.cgi?id=2024989  
https://bugzilla.redhat.com/show_bug.cgi?id=2037005  
https://bugzilla.redhat.com/show_bug.cgi?id=2073091  
https://bugzilla.redhat.com/show_bug.cgi?id=2112147  
https://bugzilla.redhat.com/show_bug.cgi?id=2133453  
https://bugzilla.redhat.com/show_bug.cgi?id=2133455  
https://bugzilla.redhat.com/show_bug.cgi?id=2139610  
https://bugzilla.redhat.com/show_bug.cgi?id=2147356  
https://bugzilla.redhat.com/show_bug.cgi?id=2148520  
https://bugzilla.redhat.com/show_bug.cgi?id=2149024  
https://bugzilla.redhat.com/show_bug.cgi?id=2151112  
https://bugzilla.redhat.com/show_bug.cgi?id=2151317  
https://bugzilla.redhat.com/show_bug.cgi?id=2156322  
https://bugzilla.redhat.com/show_bug.cgi?id=2165741  
https://bugzilla.redhat.com/show_bug.cgi?id=2165926  
https://bugzilla.redhat.com/show_bug.cgi?id=2166567  
https://bugzilla.redhat.com/show_bug.cgi?id=2168332  
https://bugzilla.redhat.com/show_bug.cgi?id=2173403  
https://bugzilla.redhat.com/show_bug.cgi?id=2173430  
https://bugzilla.redhat.com/show_bug.cgi?id=2173434  
https://bugzilla.redhat.com/show_bug.cgi?id=2173444  
https://bugzilla.redhat.com/show_bug.cgi?id=2174220  
https://bugzilla.redhat.com/show_bug.cgi?id=2174400  
https://bugzilla.redhat.com/show_bug.cgi?id=2175160  
https://bugzilla.redhat.com/show_bug.cgi?id=2175322  
https://bugzilla.redhat.com/show_bug.cgi?id=2175903  
https://bugzilla.redhat.com/show_bug.cgi?id=2176140  
https://bugzilla.redhat.com/show_bug.cgi?id=2177371  
https://bugzilla.redhat.com/show_bug.cgi?id=2177389  
https://bugzilla.redhat.com/show_bug.cgi?id=2178301  
https://bugzilla.redhat.com/show_bug.cgi?id=2181273  
https://bugzilla.redhat.com/show_bug.cgi?id=2181330  
https://bugzilla.redhat.com/show_bug.cgi?id=2182443  
https://bugzilla.redhat.com/show_bug.cgi?id=2183559  
https://bugzilla.redhat.com/show_bug.cgi?id=2184578  
https://bugzilla.redhat.com/show_bug.cgi?id=2185945  
https://bugzilla.redhat.com/show_bug.cgi?id=2186948  
https://bugzilla.redhat.com/show_bug.cgi?id=2187257  
https://bugzilla.redhat.com/show_bug.cgi?id=2188468  
https://bugzilla.redhat.com/show_bug.cgi?id=2189324  
https://bugzilla.redhat.com/show_bug.cgi?id=2192667  
https://bugzilla.redhat.com/show_bug.cgi?id=2192671  
https://bugzilla.redhat.com/show_bug.cgi?id=2193097  
https://bugzilla.redhat.com/show_bug.cgi?id=2193219  
https://bugzilla.redhat.com/show_bug.cgi?id=2209710  
https://bugzilla.redhat.com/show_bug.cgi?id=2213139  
https://bugzilla.redhat.com/show_bug.cgi?id=2213199  
https://bugzilla.redhat.com/show_bug.cgi?id=2213485  
https://bugzilla.redhat.com/show_bug.cgi?id=2213802  
https://bugzilla.redhat.com/show_bug.cgi?id=2214348  
https://bugzilla.redhat.com/show_bug.cgi?id=2215502  
https://bugzilla.redhat.com/show_bug.cgi?id=2215835  
https://bugzilla.redhat.com/show_bug.cgi?id=2215836  
https://bugzilla.redhat.com/show_bug.cgi?id=2215837  
https://bugzilla.redhat.com/show_bug.cgi?id=2217658  
https://bugzilla.redhat.com/show_bug.cgi?id=2218195  
https://bugzilla.redhat.com/show_bug.cgi?id=2218212  
https://bugzilla.redhat.com/show_bug.cgi?id=2218943  
https://bugzilla.redhat.com/show_bug.cgi?id=2221707  
https://bugzilla.redhat.com/show_bug.cgi?id=2223949  
https://bugzilla.redhat.com/show_bug.cgi?id=2225191  
https://bugzilla.redhat.com/show_bug.cgi?id=2225201  
https://bugzilla.redhat.com/show_bug.cgi?id=2225511  
https://bugzilla.redhat.com/show_bug.cgi?id=2230213  
https://bugzilla.redhat.com/show_bug.cgi?id=2236982  
https://issues.redhat.com/browse/RHEL-340

Red Hat Security Advisory 2023-7077-01

Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild.
Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Moderate in severity. Two of them have been listed as publicly known at the time of the release.
The updates are in

Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild.

Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Moderate in severity. Two of them have been listed as publicly known at the time of the release.

The updates are in addition to more than 35 security shortcomings addressed in its Chromium-based Edge browser since the release of Patch Tuesday updates for October 2023.

The five zero-days that are of note are as follows -

*   **CVE-2023-36025** (CVSS score: 8.8) - Windows SmartScreen Security Feature Bypass Vulnerability
*   **CVE-2023-36033** (CVSS score: 7.8) - Windows DWM Core Library Elevation of Privilege Vulnerability
*   **CVE-2023-36036** (CVSS score: 7.8) - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
*   **CVE-2023-36038** (CVSS score: 8.2) - ASP.NET Core Denial of Service Vulnerability
*   **CVE-2023-36413** (CVSS score: 6.5) - Microsoft Office Security Feature Bypass Vulnerability

Both CVE-2023-36033 and CVE-2023-36036 could be exploited by an attacker to gain SYSTEM privileges, while CVE-2023-36025 could make it possible to bypass Windows Defender SmartScreen checks and their associated prompts.

"The user would have to click on a specially crafted Internet Shortcut (.URL) or a hyperlink pointing to an Internet Shortcut file to be compromised by the attacker," Microsoft said about CVE-2023-36025.

The Windows maker, however, has not provided any further guidance on the attack mechanisms employed and the threat actors that may be weaponizing them. But the active exploitation of the privilege escalation flaws suggests that they are likely used in conjunction with a remote code execution bug.

"There have been 12 elevation of privilege vulnerabilities in the DWM Core Library over the last two years, though this is the first to have been exploited in the wild as a zero-day," Satnam Narang, senior staff research engineer at Tenable, said in a statement shared with The Hacker News.

The development has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add the three issues to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to apply the fixes by December 5, 2023.

Also patched by Microsoft are two critical remote code execution flaws in Protected Extensible Authentication Protocol and Pragmatic General Multicast (CVE-2023-36028 and CVE-2023-36397, CVSS scores: 9.8) that a threat actor could leverage to trigger the execution of malicious code.

The November update further includes a patch for CVE-2023-38545 (CVSS score: 9.8), a critical heap-based buffer overflow flaw in the curl library that came to light last month, as well as an information disclosure vulnerability in Azure CLI (CVE-2023-36052, CVSS score: 8.6).

"An attacker that successfully exploited this vulnerability could recover plaintext passwords and usernames from log files created by the affected CLI commands and published by Azure DevOps and/or GitHub Actions," Microsoft said.

Palo Alto Networks researcher Aviad Hahami, who reported the issue, said the vulnerability could enable access to credentials stored in the pipeline's log and permit an adversary to potentially escalate their privileges for follow-on attacks.

In response, Microsoft said it has made changes to several Azure CLI commands to harden Azure CLI (version 2.54) against inadvertent usage that could lead to secrets exposure.

**Software Patches from Other Vendors**

In addition to Microsoft, security updates have also been released by other vendors over the past few weeks to rectify several vulnerabilities, including —

*   Adobe
*   AMD (including CacheWarp)
*   Android
*   Apache Projects
*   Apple
*   Aruba Networks
*   Arm
*   ASUS
*   Atlassian
*   Cisco
*   CODESYS
*   Dell
*   Drupal
*   F5
*   Fortinet
*   GitLab
*   Google Chrome
*   Hitachi Energy
*   HP
*   IBM
*   Intel
*   Jenkins
*   Juniper Networks
*   Lenovo
*   Linux distributions Debian, Oracle Linux, Red Hat, SUSE, and Ubuntu
*   MediaTek
*   Mitsubishi Electric
*   NETGEAR
*   NVIDIA
*   Palo Alto Networks
*   Qualcomm
*   Samsung
*   SAP
*   Schneider Electric
*   Siemens
*   SolarWinds
*   SonicWall
*   SysAid
*   Trend Micro
*   Veeam
*   Veritas
*   VMware
*   WordPress
*   Zimbra
*   Zoom, and
*   Zyxel

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Tag

#red_hat