Preface: Why do I say on behalf of the Linux kernel that it takes time to adjust. If you recall, last year (December 2022), a flaw was found in fib6_rule_suppress() that would crash the kernel. According to the RedHat knowledge base, a resolution is in the works. That’s why I mentioned. Perhaps the website not update the status yet. However there is another new flaw relate to fib6_rule_suppress( ) was found.

Background: Linux kernel has had IPv6 support since 1996. So, you must compile the Linux kernel with IPv6 networking support.
When the IPv6 is in enabled state is set to 0 else it is 1:
cat /sys/module/ipv6/parameters/disable
IPv6 uses the same data struct for both control plane (FIB entries) and
data path (dst entries). This struct has elements needed for both paths
adding memory overhead and complexity (taking a dst hold in most places but an additional reference on rt6i_ref in a few). Furthermore, because of the dst_alloc tie, all FIB entries are allocated with GFP_ATOMIC (Used to allocate memory from interrupt handlers and other code outside of a process context).to improve the scalability of the IPv6 code. It include:
Allow FIB lookups without generating a dst (e.g., most rt6_lookup users just want to verify the egress device). Means moving dst allocation to the other side of fib6_rule_lookup which again aligns with IPv4 behavior.

Vulnerability details: A flaw in the Linux Kernel found. If IPV6 being used in the way that some specific networking local rule enabled and both IPV6 being used, then it can lead to Kernel crash with the message “fib6_rule_suppress+0x22”. It happens when receiving some networking packet to the local IPV6 address that matches this specific rule.

Official announcement: For details, please refer to the link – https://nvd.nist.gov/vuln/detail/CVE-2023-3022

Preface: Linux supports virtual memory, that is, using a disk as an extension of RAM so that the effective size of usable memory grows correspondingly. The kernel will write the contents of a currently unused block of memory to the hard disk so that the memory can be used for another purpose.

Background: Linux supports virtual memory. You can adjust the usage of virtual memory of the Linux kernel.The default on most systems is 60. Setting it to 0 means that Linux won’t swap.
Example: use the sysctl command: sudo sysctl vm[.]swappiness=40.
To change it permanently, edit the /etc/sysctl[.]conf file as root and place the line, “vm[.]swappiness=[swappiness number]”, where “[swappiness number]” is the swappiness number you want.

Ref: Routing and ARP tables are stored in RAM.

Vulnerability details: FortiOS & FortiProxy: authenticated user null pointer dereference in SSL-VPN.
A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.

Official details: For details, please refer to link – https://nvd.nist.gov/vuln/detail/CVE-2023-33307

Preface: Since Microsoft didn’t provide details. In this example, no dangerous code is included, just my speculation about a design weakness in the ODBC Driver for SQL Server for this week’s Patch Tuesday.

Background: Switch to the new Microsoft OLE DB Driver (MSOLEDBSQL) for SQL Server or the latest Microsoft ODBC Driver for SQL Server going forward.
The SQL Server Native Client (often abbreviated SNAC) has been removed from SQL Server 2022 (16.x) and SQL Server Management Studio 19 (SSMS). The SQL Server Native Client (SQLNCLI or SQLNCLI11) and the legacy Microsoft OLE DB Provider for SQL Server (SQLOLEDB) are not recommended for new application development. Switch to the new Microsoft OLE DB Driver (MSOLEDBSQL) for SQL Server or the latest Microsoft ODBC Driver for SQL Server going forward. For SQLNCLI that ships as a component of SQL Server Database Engine (versions 2012 through 2019).

Vulnerability details:
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability:
CVE-2023-32027, CVE-2023-32026, CVE-2023-32025 , CVE-2023-29356
Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
CVE-2023-29349

Office announcement: For details, please refer to link – https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29349

Preface: Each SharePoint site comes with default groups and permissions.There are several options when it comes to managing permissions in SharePoint.
But you should be aware somethings!

Background: Default Permissions in SharePoint. By default, all SharePoint sites are created with the three security groups below:
• Owners – Have full control over the site
• Members – Can add and edit the content (files, lists, etc) on the site
• Visitors – Can only read
What are the levels of SharePoint site? The default permission levels are Limited Access, Read, Contribute, Design, and Full Control.
SharePoint Server permission levels are defined at the site collection level and are inherited from the parent object by default.

Vulnerability details: CVE-2023-33142 – Microsoft SharePoint Server Elevation of Privilege Vulnerability.
Since Microsoft did not release the technical details. See whether this vulnerability (CVE-2023-33142) will have similarity with attached diagram description?

Official announcement: For details, please refer to the link – https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33142

Preface: Google (Android) and Qualcomm pioneer empower the infotainment and connectivity processors for automotive. As times goes by, when you jump to driver seat, a multifucntion dsahboard can provide functions to you.
In-car entertainment or in-vehicle infotainment systems are large touch screens usually positioned on a vehicle’s dashboard or on the back of seats.

Background: The S820Am Snapdragon processor includes four Kryo™ CPUs, a Qualcomm® Adreno™ 530 GPU and high-performance Hexagon™ 680 DSP. The ADP features rich connectivity through the X12 LTE modem, and 802.11a/b/g/n/ac, Bluetooth 4.1 and GNSS, Glonass, BDS, Galileo. The ADP supports multiple camera sensors and 4K display outputs.

Vulnerability details: Memory corruption in Automotive GPU while querying a gsl memory node.

Official announcement: For details, please refer to the link – https://nvd.nist.gov/vuln/detail/CVE-2023-21632