Preface: WebKitGTK is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers.

Background: There is no Webkit. framework in Cocoa Touch. The webkit framework is only available on OS X. For iOS, just use UIWebview.
The Core OS Layer is the last layer of the iOS stack and sits directly on top of the device hardware. This layer provides a variety of services including low level networking, access to external accessories and the usual fundamental operating system services such as memory management, file system handling and threads.

Vulnerability details: A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..

My observation: Since the vulnerability not described in details! My speculation, does vendor found attacker exploit below design weakness (see belwo):
%rbx is a callee save register , we know that some callee of JITCode::execute() must have modified %rbx and failed to restore it before returning. JSC does have code to save and restore callee save registers in LLInt interpreter and Just-In-Time (JIT) compiler generated code.
Perhaps the vulnerability enhancement is going to correctly caller-save return address register.

Official announcement: For details, please refer to the link https://nvd.nist.gov/vuln/detail/CVE-2023-23529

Preface: Use-After-Free (UAF) is a vulnerability related to incorrect use of dynamic memory during program operation. If after freeing a memory location, a program does not clear the pointer to that memory, an attacker can use the error to hack the program.

Background: Background: tcindex, traffic control index filter. This filter allows to match packets based on their tcindex field value, i.e. the combination of the DSCP and ECN fields as present in IPv4 and IPv6 headers.
SYNOPSIS:
tc filter … tcindex [ hash SIZE ] [ mask MASK ] [ shift SHIFT ] [ pas_on | fall_through ] [ classid CLASSID] [ action ACTION_SPEC ]

Vulnerability details: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation.

Solution: How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278

Preface: During the learning process of artificial intelligence, he was always disrupted by vulnerabilities. Artificial intelligence said, to become an artificial intelligence, I will use my wisdom to create a perfect OS system.

Background: Large scale of artificial intelligence structure especially machine learning may have a enterprise Linux system installed. The key component is shown as below:
Apache Kafka is an open source distributed streaming system for stream processing, real-time data pipelines, and large-scale data integration.
Kafka with more than one broker is called Kafka Cluster. It can be expanded and used without downtime. Apache Kafka Clusters are used to manage the persistence and replication of messages of data, so if the primary cluster goes down, other Kafka Clusters can be used to deliver the same service without any delay.
However if there is vulnerability occurs on Linux system. It will cause unforseen problem on the infrastructure.

Vulnerability details: CVE-2023-0767 – An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.
Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.
Remark: To better support the PKCS12 format add one or several command line options to the pkcs12 tool to allow adding arbitrary attributes to bags.

Official announcement: For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the link – https://access.redhat.com/security/cve/CVE-2023-0767

Preface: Meltdown is a vulnerability allowing a process to read all memory in a given system.

Background: The Xen Project is a free and open source type-1 or bare-metal hypervisor that enables a computer to run multiple operating systems simultaneously on the same hardware. A Type 1 hypervisor runs directly on the underlying computer’s physical hardware, interacting directly with its CPU, memory, and physical storage. For this reason, Type 1 hypervisors are also referred to as bare-metal hypervisors. A Type 1 hypervisor takes the place of the host operating system.
The pros of type-1 hypervisors lie in performance and security. It offerrs high performance because the hypervisor has direct access to the hardware. Security is also more reliable on type-1 than type-2, because there is no interface between the hypervisor and CPU.

Vulnerability details: Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late.
In some configurations, there is an unprotected RET instruction which can be attacked with a variety of speculative attacks.

Impact: An attacker might be able to infer the contents of arbitrary host memory, including memory assigned to other guests.

Affected system: Xen versions 4.5 through 4.17 are vulnerable. Older versions are not vulnerable.

Official announcement: For details, please refer to the link – https://nvd.nist.gov/vuln/detail/CVE-2022-42331

Preface: Vanilla JS is faster than other frameworks. It provides better response than all other front-end frameworks. In additional, it renders UI up to 30 times faster than React JS. In Vanilla, handling UI state is simple.React is a free and open source front-end JavaScript tool library for building user interfaces based on UI components. It is maintained by Meta and a community of individual developers and companies. React can be used as the basis for developing single-page, mobile or server-side rendering applications with frameworks like Next[.]js.

Background: Since client-side JavaScript is a necessity for any business building dynamic web pages or websites that use single-page application (SPA) architecture.
About twelve years ago, the modern web frontend development has advanced a lot. In order to exploit the features of Model-View-Controller (MVC) architecture. So it need to consider the frontend as a separate entity which talks to the backend only using the REST API (most preferably, REST JSON).
Below details describe the flow of SPA (single-page application).

• Request the HTML template/s to the browser in one single go.
• Then, query the JSON REST API to fill a model (data object).
• Adjust the UI according to the data in the model (JSON).
• When users modify the UI, the model (data object) should change automatically. For example, in AngularJS, it is possible with two-way data binding. Finally, make REST API calls to notify the server about changes whenever you want.

Suggestion: Refer to picture, Example A and B has the own advantage. Perhaps developers will be overlook cyber security awareness. Make it simple use Vanilla JS. However it contains a potential risk when used. It’s because the JavaScript code is viewable on the client-side. Thus, the most significant disadvantage of a Vanilla script is client-side security.
Remark: The design objective of vanilla script is used to refer to the pure JavaScript without any type of additional library.

Preface: The word Database, inspire you thinking a large volume of database. For example, a structured set of data held in a computer, especially one that is accessible in various ways. Do a transformation of design, bring the data which going to use to a specify memory. Compare to disk access storage, direct access to memory will be more faster. This is one of the modern strategy in big data analytic design solution.

Background: Running in-memory means requests for data do not require a trip to disk.

• What memory does Redis use? An empty instance uses ~ 3MB of memory. 1 Million small Keys -> String Value pairs use ~ 85MB of memory. 1 Million Keys -> Hash value, representing an object with 5 fields, use ~ 160 MB of memory.
  In Ubuntu and other Linux distributions, the Redis database directory is /var/lib/redis .

Vulnerability details: The vulnerability exists due to a reachable assertion when handling the MSETNX command. A remote attacker can send a specially crafted MSETNX command and perform a denial of service (DoS) attack.
Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process.

Solution: The problem is fixed in Redis version 7.0.10.

Official details: Please refer to NATIONAL VULNERABILITY DATABASE – https://nvd.nist.gov/vuln/detail/CVE-2023-28425

Preface: As a computer end user. When there is a vulnerability, the only way is to patch it according to the official announcement.
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language API to access the secure communications protocols.
Remark: If OpenSSL is selected over GnuTLS, neither libnettle nor libgcrypt will be used.

Background: GnuTLS is a free software implementation of the TLS, SSL and DTLS protocols. It offers an application programming interface for applications to enable secure communication over the network transport layer, as well as interfaces to access X.509, PKCS #12, OpenPGP and other structures.

Vulnerability details: A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.

SUSE – Recommended update for gnutls: This update for gnutls fixes the following issues:

FIPS: Establish PBKDF2 additional requirements [bsc #1209001]

• Set the minimum output key length to 112 bits (FIPS 140-3 IG D.N)
• Set the minimum salt length to 128 bits (SP 800-132 sec. 5.1)
• Set the minimum iterations count to 1000 (SP 800-132 sec 5.2)
• Set the minimum passlen of 20 characters (SP SP800-132 sec 5)
• Add regression tests for the new PBKDF2 requirements.

Official announcement: please refer to National vulnerability database – https://nvd.nist.gov/vuln/detail/CVE-2023-0361

Preface: Make sure to use the STUN message format specified in standard, to perform the MESSAGE-INTEGRITY computation. This protocol uses Simple Traversal of UDP through NAT (STUN) binding request and response messages for connectivity checks between the two endpoints.

Background: Most attackers utilize UDP to launch amplification attacks since reflection of traffic with spoofed IP source address is possible due to the lack of proper handshake. While UDP makes it easy to launch reflected amplification attacks.
Since the STUN mechanism is that if request is valid, the endpoint MUST send a Simple Traversal of UDP through NAT (STUN) binding response message.
UDP a low-level network protocol which does not set up a connection verifying the return address of the sender, it was possible to spoof the return address of the requests to that of the victim.

Vulnerability details: Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service.

Official details: Please refer to the URL link – https://explore.zoom.us/en/trust/security/security-bulletin/