Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2023-0292)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2023.0292

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2023-0292)

Resumen: The remote host is missing an update for the 'libxpm' package(s) announced via the MGASA-2023-0292 advisory.

Descripción: Summary:
The remote host is missing an update for the 'libxpm' package(s) announced via the MGASA-2023-0292 advisory.

Vulnerability Insight:
A vulnerability was found in libXpm due to a boundary condition within
the XpmCreateXpmImageFromBuffer() function. This flaw allows a local to
trigger an out-of-bounds read error and read the contents of memory on
the system. (CVE-2023-43788)

Out of bounds read on XPM with corrupted colormap. (CVE-2023-43789)

Affected Software/OS:
'libxpm' package(s) on Mageia 8, Mageia 9.

Solution:
Please install the updated package(s).

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:S/C:C/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-43788
RHBZ#2242248
https://bugzilla.redhat.com/show_bug.cgi?id=2242248
RHSA-2024:2146
https://access.redhat.com/errata/RHSA-2024:2146
RHSA-2024:2217
https://access.redhat.com/errata/RHSA-2024:2217
RHSA-2024:2974
https://access.redhat.com/errata/RHSA-2024:2974
RHSA-2024:3022
https://access.redhat.com/errata/RHSA-2024:3022
https://access.redhat.com/security/cve/CVE-2023-43788
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3KFUQT42R7TB4D7RISNSBQFJGLTQGUL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFAJTBNO3PAIA6EGZR4PN62H6RLKNDTE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6FARGWN7VWXXWPXYNEEDJLRR3EWFZ3T/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZECBCLDYUGLDSVV75ECPIBW7JXOB3747/
Common Vulnerability Exposure (CVE) ID: CVE-2023-43789
RHBZ#2242249
https://bugzilla.redhat.com/show_bug.cgi?id=2242249
https://access.redhat.com/security/cve/CVE-2023-43789

Copyright Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2023.0292
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2023-0292)
Resumen:	The remote host is missing an update for the 'libxpm' package(s) announced via the MGASA-2023-0292 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libxpm' package(s) announced via the MGASA-2023-0292 advisory. Vulnerability Insight: A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local to trigger an out-of-bounds read error and read the contents of memory on the system. (CVE-2023-43788) Out of bounds read on XPM with corrupted colormap. (CVE-2023-43789) Affected Software/OS: 'libxpm' package(s) on Mageia 8, Mageia 9. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-43788 RHBZ#2242248 https://bugzilla.redhat.com/show_bug.cgi?id=2242248 RHSA-2024:2146 https://access.redhat.com/errata/RHSA-2024:2146 RHSA-2024:2217 https://access.redhat.com/errata/RHSA-2024:2217 RHSA-2024:2974 https://access.redhat.com/errata/RHSA-2024:2974 RHSA-2024:3022 https://access.redhat.com/errata/RHSA-2024:3022 https://access.redhat.com/security/cve/CVE-2023-43788 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3KFUQT42R7TB4D7RISNSBQFJGLTQGUL/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFAJTBNO3PAIA6EGZR4PN62H6RLKNDTE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6FARGWN7VWXXWPXYNEEDJLRR3EWFZ3T/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZECBCLDYUGLDSVV75ECPIBW7JXOB3747/ Common Vulnerability Exposure (CVE) ID: CVE-2023-43789 RHBZ#2242249 https://bugzilla.redhat.com/show_bug.cgi?id=2242249 https://access.redhat.com/security/cve/CVE-2023-43789
Copyright	Copyright (C) 2023 Greenbone AG