Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories


SUSE: SUSE-SU-2025:03367-1 Moderate: jasper image processing security update

# Security update for jasper

Announcement ID: SUSE-SU-2025:03367-1
Release Date: 2025-09-26T09:14:34Z
Rating: moderate
References:
  * bsc#1247901
  * bsc#1247902
  * bsc#1247904
Cross-References:
  * CVE-2025-8835
  * CVE-2025-8836
  * CVE-2025-8837
CVSS scores:
  * CVE-2025-8835 (SUSE): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-8835 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-8835 (NVD): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-8835 (NVD): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-8835 (NVD): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-8836 (SUSE): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-8836 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-8836 (NVD): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-8836 (NVD): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-8837 (SUSE): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-8837 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  * CVE-2025-8837 (NVD): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-8837 (NVD): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-8837 (NVD): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves three vulnerabilities can now be installed.

## Description:

This update for jasper fixes the following issues:

  * CVE-2025-8835: missing range check in the JPEG-2000 (JPC) encoder leads to an assertion failure and crash when processing a malformed JPEG-2000 image with an invalid `cblkwidth` parameter (bsc#1247904).
  * CVE-2025-8836: out-of-bounds array indexing in function `jas_image_chclrspc` leads to a crash when processing a malformed image file with BMP output format and color space conversion (bsc#1247902).
  * CVE-2025-8837: missing operations in the cleanup code of the JPEG-2000 (JPC) encoder lead to a use-after-free when processing malformed JPEG-2000 images with certain debug levels enabled (bsc#1247901).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3367=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libjasper1-debuginfo-1.900.14-195.43.1
    * libjasper1-1.900.14-195.43.1
    * jasper-debugsource-1.900.14-195.43.1
    * libjasper1-debuginfo-32bit-1.900.14-195.43.1
    * libjasper1-32bit-1.900.14-195.43.1
    * libjasper-devel-1.900.14-195.43.1
    * jasper-debuginfo-1.900.14-195.43.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-8835.html
  * https://www.suse.com/security/cve/CVE-2025-8836.html
  * https://www.suse.com/security/cve/CVE-2025-8837.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1247901
  * https://bugzilla.suse.com/show_bug.cgi?id=1247902
  * https://bugzilla.suse.com/show_bug.cgi?id=1247904

Summary (LinuxSecurity.com Team): This update for jasper closes three moderate-rated vulnerabilities in JPEG-2000 handling on SUSE Linux Enterprise Server 12 SP5: two crashes on malformed input and one use-after-free. All three are scored with a local attack vector and need a user to process a malformed image. The fixed package version is 1.900.14-195.43.1; note that although SLES 12 SP5 and SLES for SAP 12 SP5 are listed as affected, the advisory gives a patch command only for the LTSS Extended Security channel.

Published: Sep 26, 2025 | Severity: Moderate | SUSE

SUSE: 2024:1299-1 Important: Kernel Live Patch 11 Denial of Service Fix

# Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP4)

Announcement ID: SUSE-SU-2024:1299-1
Rating: important
References:
  * bsc#1218613
  * bsc#1219078
  * bsc#1219296
  * bsc#1219432
Cross-References:
  * CVE-2023-42753
  * CVE-2023-52340
  * CVE-2024-0565
  * CVE-2024-1085
CVSS scores:
  * CVE-2023-42753 (SUSE): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-42753 (NVD): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52340 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-0565 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-0565 (NVD): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-1085 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-1085 (NVD): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_60 fixes several issues. The following security issues were fixed:

  * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078).
  * CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1218613).
  * CVE-2024-1085: Fixed an nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432).
  * CVE-2023-52340: Fixed a flaw where ICMPv6 "Packet Too Big" packets could force a denial of service of the Linux kernel by driving CPU usage to 100% (bsc#1219296).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4
    zypper in -t patch SUSE-2024-1299=1 SUSE-2024-1300=1
  * SUSE Linux Enterprise Live Patching 15-SP4
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1299=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1300=1

## Package List:

  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_10-debugsource-13-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_11-debugsource-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_55-default-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_60-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_55-default-debuginfo-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_60-default-debuginfo-12-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_10-debugsource-13-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_11-debugsource-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_55-default-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_60-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_55-default-debuginfo-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_60-default-debuginfo-12-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-42753.html
  * https://www.suse.com/security/cve/CVE-2023-52340.html
  * https://www.suse.com/security/cve/CVE-2024-0565.html
  * https://www.suse.com/security/cve/CVE-2024-1085.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218613
  * https://bugzilla.suse.com/show_bug.cgi?id=1219078
  * https://bugzilla.suse.com/show_bug.cgi?id=1219296
  * https://bugzilla.suse.com/show_bug.cgi?id=1219432

Summary (LinuxSecurity.com Team): SUSE releases kernel live patches for the SLE 15 SP4 kernels 5.14.21-150400.24.55 and 5.14.21-150400.24.60, closing a network-reachable ICMPv6 denial of service (CVE-2023-52340), an SMB client out-of-bounds read (CVE-2024-0565) and two local netfilter/nf_tables memory-safety flaws scored 7.8 (CVE-2023-42753, CVE-2024-1085). A live patch package applies only to the exact kernel build it was built for, so confirm the package matching `uname -r` is the one installed. Severity: Important.

Published: Apr 15, 2024 | Severity: Important | SUSE

SUSE: 2024:1249-1 Important: Live Patch Fix, DoS and Memory Security Issues

# Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP3)

Announcement ID: SUSE-SU-2024:1249-1
Rating: important
References:
  * bsc#1218613
  * bsc#1219078
  * bsc#1219296
Cross-References:
  * CVE-2023-42753
  * CVE-2023-52340
  * CVE-2024-0565
CVSS scores:
  * CVE-2023-42753 (SUSE): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-42753 (NVD): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52340 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-0565 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-0565 (NVD): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
  * openSUSE Leap 15.3
  * SUSE Linux Enterprise High Performance Computing 15 SP2
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise Live Patching 15-SP2
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Server 15 SP2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_130 fixes several issues. The following security issues were fixed:

  * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078).
  * CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1218613).
  * CVE-2023-52340: Fixed a flaw where ICMPv6 "Packet Too Big" packets could force a denial of service of the Linux kernel by driving CPU usage to 100% (bsc#1219296).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP2
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1249=1
  * openSUSE Leap 15.3
    zypper in -t patch SUSE-2024-1250=1
  * SUSE Linux Enterprise Live Patching 15-SP3
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1250=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP2_Update_35-debugsource-12-150200.2.1
    * kernel-livepatch-5_3_18-150200_24_148-default-12-150200.2.1
    * kernel-livepatch-5_3_18-150200_24_148-default-debuginfo-12-150200.2.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_130-default-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_130-default-debuginfo-8-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_35-debugsource-8-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_130-preempt-debuginfo-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_130-preempt-8-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_130-default-8-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-42753.html
  * https://www.suse.com/security/cve/CVE-2023-52340.html
  * https://www.suse.com/security/cve/CVE-2024-0565.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218613
  * https://bugzilla.suse.com/show_bug.cgi?id=1219078
  * https://bugzilla.suse.com/show_bug.cgi?id=1219296

Summary (LinuxSecurity.com Team): SUSE releases kernel live patches for the SLE 15 SP2 kernel 5.3.18-150200.24.148 and the SLE 15 SP3 kernel 5.3.18-150300.59.130, closing a network-reachable ICMPv6 denial of service (CVE-2023-52340), an SMB client out-of-bounds read (CVE-2024-0565) and a local netfilter array indexing flaw that may allow privilege escalation (CVE-2023-42753). Severity: Important.
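A version check to go with the three SUSE advisories above (jasper, Live Patch 11 for SLE 15 SP4, Live Patch 35 for SLE 15 SP3), added here as an example and not SUSE's own tooling. `zypper patch` does the installation, but an auditor often has to confirm from an `rpm -qa` dump that a host really carries the fixed package versions. That means comparing versions the way rpm does (rpmvercmp ordering, where `1.10` is newer than `1.9` and `1.0~rc1` is older than `1.0`) rather than as strings, and for live patches it means knowing which `kernel-livepatch-*` package name belongs to the running kernel. The FIXED table is copied from the advisories' package lists; the `rpm -qa` output and the `uname -r` value are constructed sample data, and the query format string is an assumption about how the real input would be collected.

```python
r"""Check installed RPMs against the fixed versions in the SUSE advisories above.

Added example, not SUSE's tooling.  FIXED is copied from the advisory package
lists.  SAMPLE_RPM_QA is constructed sample data in the shape produced by
    rpm -qa --qf '%{NAME}|%{EPOCH}|%{VERSION}|%{RELEASE}|%{ARCH}\n'
"""
import re

_TOKEN = re.compile(r"[0-9]+|[A-Za-z]+|[~^]")


def rpmvercmp(a: str, b: str) -> int:
    """rpm's version ordering: -1 if a < b, 0 if equal, 1 if a > b.

    Tokens are digit runs or letter runs, separators are ignored.  '~' sorts
    before anything (even end of string); '^' sorts after end of string but
    before any real token; a digit run beats a letter run; digit runs compare
    as integers; when one side runs out, the side with tokens left is newer.
    """
    ta, tb = _TOKEN.findall(a), _TOKEN.findall(b)
    for i in range(max(len(ta), len(tb))):
        xa = ta[i] if i < len(ta) else None
        xb = tb[i] if i < len(tb) else None
        if "~" in (xa, xb):
            if xa != xb:
                return -1 if xa == "~" else 1
        elif "^" in (xa, xb):
            if xa == xb:
                continue
            if None in (xa, xb):               # caret vs end of string
                return 1 if xa == "^" else -1
            return -1 if xa == "^" else 1      # caret vs a real token
        elif None in (xa, xb):
            return -1 if xa is None else 1
        elif xa.isdigit() != xb.isdigit():
            return 1 if xa.isdigit() else -1
        elif xa.isdigit():
            if int(xa) != int(xb):
                return 1 if int(xa) > int(xb) else -1
        elif xa != xb:
            return 1 if xa > xb else -1
    return 0


def evr_cmp(a, b) -> int:
    """Compare (epoch, version, release) triples; epoch is an int, 0 if unset."""
    if a[0] != b[0]:
        return 1 if a[0] > b[0] else -1
    return rpmvercmp(a[1], b[1]) or rpmvercmp(a[2], b[2])


def livepatch_package_for(uname_r: str) -> str:
    """Map `uname -r` (e.g. 5.14.21-150400.24.60-default) to the kernel-livepatch
    package name the SUSE advisories use for that exact kernel build."""
    version, release, flavor = uname_r.split("-", 2)
    return "kernel-livepatch-%s-%s-%s" % (
        version.replace(".", "_"), release.replace(".", "_"), flavor)


# (version, release) of the fixed packages, from the advisory package lists
FIXED = {
    "libjasper1": ("1.900.14", "195.43.1"),
    "libjasper1-32bit": ("1.900.14", "195.43.1"),
    "libjasper-devel": ("1.900.14", "195.43.1"),
    "kernel-livepatch-5_14_21-150400_24_60-default": ("12", "150400.2.1"),
    "kernel-livepatch-5_14_21-150400_24_55-default": ("13", "150400.2.1"),
    "kernel-livepatch-5_3_18-150300_59_130-default": ("8", "150300.2.1"),
    "kernel-livepatch-5_3_18-150200_24_148-default": ("12", "150200.2.1"),
}

# Constructed sample: libjasper1 and the running kernel's live patch lag behind.
SAMPLE_RPM_QA = """\
libjasper1|(none)|1.900.14|195.40.1|x86_64
libjasper1-32bit|(none)|1.900.14|195.43.1|x86_64
kernel-livepatch-5_14_21-150400_24_60-default|(none)|11|150400.2.1|x86_64
kernel-livepatch-5_14_21-150400_24_55-default|(none)|13|150400.2.1|x86_64
bash|(none)|4.4|150400.27.3|x86_64
"""


def audit(rpm_qa_output: str, fixed=FIXED):
    """Return [(name, installed, required)] for packages still below the fix."""
    stale = []
    for line in rpm_qa_output.splitlines():
        name, epoch, ver, rel, _arch = line.split("|")
        if name not in fixed:
            continue
        epoch_n = 0 if epoch == "(none)" else int(epoch)   # rpm prints (none)
        fver, frel = fixed[name]
        if evr_cmp((epoch_n, ver, rel), (0, fver, frel)) < 0:
            stale.append((name, f"{ver}-{rel}", f"{fver}-{frel}"))
    return stale


if __name__ == "__main__":
    uname_r = "5.14.21-150400.24.60-default"   # constructed; platform.release() on a real host
    print("live patch package for this kernel:", livepatch_package_for(uname_r))
    for name, have, need in audit(SAMPLE_RPM_QA):
        print(f"UPDATE NEEDED: {name} {have} < {need}")
```

On a real host, feed `audit()` the output of the `rpm -qa --qf` query shown in the docstring and `livepatch_package_for()` the value of `uname -r`. The package name it returns is the only one worth checking for the live patch advisories, because a live patch built for kernel 150400.24.55 does nothing for a host running 150400.24.60. rpm prints `(none)` for an unset epoch, which the parser maps to 0 so that epoch-carrying packages still compare correctly.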

Published: Apr 11, 2024 | Severity: Important | SUSE

Red Hat RHSA-2023:4209-01 Moderate: OpenJDK 8u382 Security Update for Portable Linux Builds

Red Hat Security Advisory

Synopsis:     Moderate: OpenJDK 8u382 Security Update for Portable Linux Builds
Advisory ID:  RHSA-2023:4209-01
Product:      OpenJDK
Advisory URL: https://access.redhat.com/errata/RHSA-2023:4209
Issue date:   2023-07-20
CVE Names:    CVE-2023-22045 CVE-2023-22049

1. Summary:

An update is now available for OpenJDK.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Description:

The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

This release of the Red Hat build of OpenJDK 8 (8u382) for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 (8u372) and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section.

Security Fix(es):

* OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049)
* OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

3. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2221645 - CVE-2023-22045 OpenJDK: array indexing integer overflow issue (8304468)
2221647 - CVE-2023-22049 OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312)

5. References:

https://access.redhat.com/security/cve/CVE-2023-22045
https://access.redhat.com/security/cve/CVE-2023-22049
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

Contact details for the Red Hat security team are at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.

Summary (LinuxSecurity.com Team): The Red Hat build of OpenJDK 8u382 for portable Linux replaces 8u372 and fixes two Moderate-rated flaws: CVE-2023-22049 (improper handling of slash characters in URI-to-path conversion) and CVE-2023-22045 (array indexing integer overflow). Portable builds are not managed by the package manager, so each extracted JDK tree has to be replaced and the applications using it restarted. Severity: Moderate.

Published: Jul 20, 2023 | Severity: Moderate | Red Hat

Red Hat Enterprise Linux 9.0: RHSA-2023-4169-01 Moderate Java-17 Update

Red Hat Security Advisory

Synopsis:     Moderate: java-17-openjdk security update
Advisory ID:  RHSA-2023:4169-01
Product:      Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:4169
Issue date:   2023-07-19
CVE Names:    CVE-2023-22006 CVE-2023-22036 CVE-2023-22041 CVE-2023-22044 CVE-2023-22045 CVE-2023-22049 CVE-2023-25193

1. Summary:

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder EUS (v.9.0) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream EUS (v.9.0) - aarch64, ppc64le, s390x, x86_64

3. Description:

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

Security Fix(es):

* OpenJDK: ZIP file parsing infinite loop (8302483) (CVE-2023-22036)
* OpenJDK: weakness in AES implementation (8308682) (CVE-2023-22041)
* OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049)
* harfbuzz: OpenJDK: O(n^2) growth via consecutive marks (CVE-2023-25193)
* OpenJDK: HTTP client insufficient file name validation (8302475) (CVE-2023-22006)
* OpenJDK: modulo operator array indexing issue (8304460) (CVE-2023-22044)
* OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2167254 - CVE-2023-25193 harfbuzz: OpenJDK: O(n^2) growth via consecutive marks
2221619 - OpenJDK: font processing denial of service vulnerability (8301998)
2221626 - CVE-2023-22006 OpenJDK: HTTP client insufficient file name validation (8302475)
2221634 - CVE-2023-22036 OpenJDK: ZIP file parsing infinite loop (8302483)
2221642 - CVE-2023-22044 OpenJDK: modulo operator array indexing issue (8304460)
2221645 - CVE-2023-22045 OpenJDK: array indexing integer overflow issue (8304468)
2221647 - CVE-2023-22049 OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312)
2223207 - CVE-2023-22041 OpenJDK: weakness in AES implementation (8308682)

6. Package List:

All packages below are version 17.0.8.0.7-1.el9_0; each name is shipped as one binary RPM per listed architecture.

Red Hat Enterprise Linux AppStream EUS (v.9.0):

Source:
java-17-openjdk-17.0.8.0.7-1.el9_0.src.rpm

aarch64, ppc64le, s390x, x86_64:
java-17-openjdk
java-17-openjdk-debuginfo
java-17-openjdk-debugsource
java-17-openjdk-demo
java-17-openjdk-devel
java-17-openjdk-devel-debuginfo
java-17-openjdk-headless
java-17-openjdk-headless-debuginfo
java-17-openjdk-javadoc
java-17-openjdk-javadoc-zip
java-17-openjdk-jmods
java-17-openjdk-src
java-17-openjdk-static-libs

Red Hat CodeReady Linux Builder EUS (v.9.0):

aarch64, ppc64le, x86_64:
java-17-openjdk-debuginfo
java-17-openjdk-debugsource
java-17-openjdk-demo-fastdebug
java-17-openjdk-demo-slowdebug
java-17-openjdk-devel-debuginfo
java-17-openjdk-devel-fastdebug
java-17-openjdk-devel-fastdebug-debuginfo
java-17-openjdk-devel-slowdebug
java-17-openjdk-devel-slowdebug-debuginfo
java-17-openjdk-fastdebug
java-17-openjdk-fastdebug-debuginfo
java-17-openjdk-headless-debuginfo
java-17-openjdk-headless-fastdebug
java-17-openjdk-headless-fastdebug-debuginfo
java-17-openjdk-headless-slowdebug
java-17-openjdk-headless-slowdebug-debuginfo
java-17-openjdk-jmods-fastdebug
java-17-openjdk-jmods-slowdebug
java-17-openjdk-slowdebug
java-17-openjdk-slowdebug-debuginfo
java-17-openjdk-src-fastdebug
java-17-openjdk-src-slowdebug
java-17-openjdk-static-libs-fastdebug
java-17-openjdk-static-libs-slowdebug

s390x (no fastdebug variants):
java-17-openjdk-debuginfo
java-17-openjdk-debugsource
java-17-openjdk-demo-slowdebug
java-17-openjdk-devel-debuginfo
java-17-openjdk-devel-slowdebug
java-17-openjdk-devel-slowdebug-debuginfo
java-17-openjdk-headless-debuginfo
java-17-openjdk-headless-slowdebug
java-17-openjdk-headless-slowdebug-debuginfo
java-17-openjdk-jmods-slowdebug
java-17-openjdk-slowdebug
java-17-openjdk-slowdebug-debuginfo
java-17-openjdk-src-slowdebug
java-17-openjdk-static-libs-slowdebug

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-22006
https://access.redhat.com/security/cve/CVE-2023-22036
https://access.redhat.com/security/cve/CVE-2023-22041
https://access.redhat.com/security/cve/CVE-2023-22044
https://access.redhat.com/security/cve/CVE-2023-22045
https://access.redhat.com/security/cve/CVE-2023-22049
https://access.redhat.com/security/cve/CVE-2023-25193
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

Contact details for the Red Hat security team are at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.

Summary (LinuxSecurity.com Team): Red Hat ships java-17-openjdk 17.0.8.0.7-1.el9_0 for Red Hat Enterprise Linux 9.0 Extended Update Support, closing seven Moderate-rated CVEs, among them a ZIP parsing infinite loop (CVE-2023-22036), a weakness in the AES implementation (CVE-2023-22041) and a harfbuzz font-processing denial of service (CVE-2023-25193). Installing the RPMs replaces the files on disk only; every running JVM keeps executing the old code until it is restarted. Severity: Moderate.
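The Solution section above says that every running OpenJDK instance must be restarted for the update to take effect. The following check, added here as an example and not part of the Red Hat advisory, finds the JVMs that are still executing pre-update code: when rpm installs the new library it unlinks the old file, processes that had mapped the old file keep it, and the kernel marks those mappings with `(deleted)` in `/proc/<pid>/maps`. The `/proc` contents, the PIDs and the versioned directory names are constructed sample data; `scan_proc()` reads the real files on a live host.

```python
"""Find running JVMs that still map a libjvm.so the update replaced on disk.

Added example, not Red Hat's tooling.  rpm unlinks the old library when it
installs the new one; a process that loaded the old file keeps it mapped, and
the kernel marks that mapping " (deleted)" in /proc/<pid>/maps.  The /proc
contents below are constructed sample data; scan_proc() reads the real files.
"""
import os
import re

# address perms offset dev inode pathname  (only file-backed lines have a path)
_MAPS_LINE = re.compile(r"^\S+ \S+ \S+ \S+ \S+\s+(?P<path>/.*)$")
JVM_MARKERS = ("libjvm.so", "/lib/jvm/")


def stale_mappings(maps_text: str, markers=JVM_MARKERS):
    """Paths matching `markers` that this process maps but that no longer
    exist on disk, i.e. code the process loaded before the update."""
    stale = set()
    for line in maps_text.splitlines():
        m = _MAPS_LINE.match(line)
        if m is None:
            continue                        # anonymous, [heap], [stack], ...
        path = m.group("path")
        if path.endswith(" (deleted)") and any(k in path for k in markers):
            stale.add(path[: -len(" (deleted)")])
    return sorted(stale)


def processes_needing_restart(proc_maps):
    """proc_maps: {pid: text of /proc/<pid>/maps}.  Returns {pid: [stale paths]}
    for JVMs still executing pre-update code; empty means nothing to restart."""
    result = {}
    for pid, text in proc_maps.items():
        stale = stale_mappings(text)
        if stale:
            result[pid] = stale
    return result


def scan_proc(root="/proc"):
    """Evaluate every readable process on a live host (run as root to see all)."""
    proc_maps = {}
    for entry in os.listdir(root):
        if not entry.isdigit():
            continue
        try:
            with open(os.path.join(root, entry, "maps")) as fh:
                proc_maps[int(entry)] = fh.read()
        except OSError:                     # process exited or not permitted
            continue
    return processes_needing_restart(proc_maps)


# Constructed sample: pid 4242 started before the update, 4300 after it,
# pid 1 is not a JVM.  Directory names are assumed, not taken from the advisory.
OLD = "/usr/lib/jvm/java-17-openjdk-17.0.7.0.7-1.el9_0.x86_64/lib/server/libjvm.so"
NEW = "/usr/lib/jvm/java-17-openjdk-17.0.8.0.7-1.el9_0.x86_64/lib/server/libjvm.so"
SAMPLE_PROC_MAPS = {
    4242: f"""\
7f3c1a000000-7f3c1a021000 r--p 00000000 fd:00 1234567   {OLD} (deleted)
7f3c1a021000-7f3c1b100000 r-xp 00021000 fd:00 1234567   {OLD} (deleted)
7f3c1b100000-7f3c1b200000 rw-p 00000000 00:00 0
7ffd2c000000-7ffd2c021000 rw-p 00000000 00:00 0         [stack]
""",
    4300: f"""\
7f8e10000000-7f8e10021000 r--p 00000000 fd:00 2345678   {NEW}
7f8e10021000-7f8e11100000 r-xp 00021000 fd:00 2345678   {NEW}
""",
    1: """\
55d0c2a00000-55d0c2a3b000 r--p 00000000 fd:00 3456789   /usr/lib/systemd/systemd
7f1a00000000-7f1a00020000 r--p 00000000 fd:00 4567890   /usr/lib64/libc.so.6 (deleted)
""",
}

if __name__ == "__main__":
    for pid, paths in processes_needing_restart(SAMPLE_PROC_MAPS).items():
        print(f"pid {pid} still runs pre-update code: {', '.join(paths)}")
```

Run `scan_proc()` as root after the update and restart every PID it reports, by `systemctl restart` for services. The marker filter keeps the report scoped to this advisory: PID 1 in the sample also maps a replaced libc, which is a real restart condition too, but one that belongs to a different update; pass `markers=("libc.so",)` to `stale_mappings()` to see it.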

Published: Jul 20, 2023 | Severity: Moderate | Red Hat

Gentoo: GLSA-200708-02 Normal: Xvid Array Indexing Risk of Remote Execution

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                   Gentoo Linux Security Advisory           GLSA 200708-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Xvid: Array indexing vulnerabilities
      Date: August 08, 2007
      Bugs: #183145
        ID: 200708-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Several array indexing vulnerabilities were discovered in Xvid, possibly
allowing for the remote execution of arbitrary code.

Background
==========

Xvid is a popular open source video codec licensed under the GPL.

Affected packages
=================

    -------------------------------------------------------------------
     Package          /  Vulnerable  /                       Unaffected
    -------------------------------------------------------------------
  1  media-libs/xvid       < 1.1.3                            >= 1.1.3

Description
===========

Trixter Jack discovered an array indexing error in the get_intra_block()
function in the file src/bitstream/mbcoding.c. The get_inter_block_h263()
and get_inter_block_mpeg() functions in the same file were also reported
as vulnerable.

Impact
======

An attacker could exploit these vulnerabilities to execute arbitrary code
by tricking a user or automated system into processing a malicious video
file with an application that makes use of the Xvid library.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Xvid users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-libs/xvid-1.1.3"

References
==========

  [ 1 ] CVE-2007-3329
        https://www.cve.org/CVERecord?id=CVE-2007-3329

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  https://security.gentoo.org/glsa/200708-02

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to the
Gentoo security team, or alternatively, you may file a bug at
https://bugs.gentoo.org/.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Summary (LinuxSecurity.com Team): Array indexing errors in the Xvid bitstream decoder (get_intra_block(), get_inter_block_h263() and get_inter_block_mpeg() in src/bitstream/mbcoding.c, CVE-2007-3329) can be triggered by a malicious video file and may allow remote code execution in any application linked against the library. There is no workaround; upgrade to media-libs/xvid 1.1.3 or later. Severity: Normal.

Published: Aug 08, 2007 | Severity: Normal | Gentoo