Preface: The state in Redux is stored in memory. This means that, if you refresh the page the state gets wiped out. The state in redux is just a variable that persists in memory because it is referenced by all redux functions.

Background: Safari is a web browser developed by Apple. It is built into Apple’s operating systems, including macOS, iOS, and iPadOS, and uses Apple’s open-source browser engine WebKit, which was derived from KHTML.
The rendering engine is used to display the requested content on the user interface and the browser engine marshalling actions between the UI and the rendering engine.
Redux is a predictable state container for JavaScript apps. It helps you write applications that behave consistently.
Refer to my speculation (see attached picture). Due to such operation and design. I speculate that these three vulnerabilities are caused by Redux JavaScript library located in browser.

Vulnerability details:
According to CVE-2023-32434, the vulnerability details indicated that a design weakness in input validation.
Thereby, an integer overflow was triggered (CVE-2023-32439), due to weakness of input validation. As a result, a memory corruption issue was happened due to state management weakness (CVE-2023-32435).

https://nvd.nist.gov/vuln/detail/CVE-2023-32434
https://nvd.nist.gov/vuln/detail/CVE-2023-32435
https://nvd.nist.gov/vuln/detail/CVE-2023-32439

Preface: Information security driven role base access control. But when cloud service provider design or implement access control. It will be sophisticated. If access control include virtual machine technology under hierarchical structure. In order to harden the effectiveness of the control.
Cloud resources are organised hierarchically, where the organisation node is the root node in the hierarchy, the projects are the children of the organisation, and the other resources are descendants of projects. You can set allow policies at different levels of the resource hierarchy.

Background: Secure computing mode (seccomp) is a Linux kernel feature. You can use it to restrict the actions available within the container.
The seccomp() system call operates on the seccomp state of the calling process.
You can use this feature to restrict your application’s access.
This feature is available only if Docker has been built with seccomp and the kernel is configured with CONFIG_SECCOMP enabled.

Vulnerability details: A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet.

Official details: For details, please refer to the link – https://nvd.nist.gov/vuln/detail/CVE-2023-2431

Preface: Why do I say on behalf of the Linux kernel that it takes time to adjust. If you recall, last year (December 2022), a flaw was found in fib6_rule_suppress() that would crash the kernel. According to the RedHat knowledge base, a resolution is in the works. That’s why I mentioned. Perhaps the website not update the status yet. However there is another new flaw relate to fib6_rule_suppress( ) was found.

Background: Linux kernel has had IPv6 support since 1996. So, you must compile the Linux kernel with IPv6 networking support.
When the IPv6 is in enabled state is set to 0 else it is 1:
cat /sys/module/ipv6/parameters/disable
IPv6 uses the same data struct for both control plane (FIB entries) and
data path (dst entries). This struct has elements needed for both paths
adding memory overhead and complexity (taking a dst hold in most places but an additional reference on rt6i_ref in a few). Furthermore, because of the dst_alloc tie, all FIB entries are allocated with GFP_ATOMIC (Used to allocate memory from interrupt handlers and other code outside of a process context).to improve the scalability of the IPv6 code. It include:
Allow FIB lookups without generating a dst (e.g., most rt6_lookup users just want to verify the egress device). Means moving dst allocation to the other side of fib6_rule_lookup which again aligns with IPv4 behavior.

Vulnerability details: A flaw in the Linux Kernel found. If IPV6 being used in the way that some specific networking local rule enabled and both IPV6 being used, then it can lead to Kernel crash with the message “fib6_rule_suppress+0x22”. It happens when receiving some networking packet to the local IPV6 address that matches this specific rule.

Official announcement: For details, please refer to the link – https://nvd.nist.gov/vuln/detail/CVE-2023-3022

Preface: Linux supports virtual memory, that is, using a disk as an extension of RAM so that the effective size of usable memory grows correspondingly. The kernel will write the contents of a currently unused block of memory to the hard disk so that the memory can be used for another purpose.

Background: Linux supports virtual memory. You can adjust the usage of virtual memory of the Linux kernel.The default on most systems is 60. Setting it to 0 means that Linux won’t swap.
Example: use the sysctl command: sudo sysctl vm[.]swappiness=40.
To change it permanently, edit the /etc/sysctl[.]conf file as root and place the line, “vm[.]swappiness=[swappiness number]”, where “[swappiness number]” is the swappiness number you want.

Ref: Routing and ARP tables are stored in RAM.

Vulnerability details: FortiOS & FortiProxy: authenticated user null pointer dereference in SSL-VPN.
A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.

Official details: For details, please refer to link – https://nvd.nist.gov/vuln/detail/CVE-2023-33307

Preface: Since Microsoft didn’t provide details. In this example, no dangerous code is included, just my speculation about a design weakness in the ODBC Driver for SQL Server for this week’s Patch Tuesday.

Background: Switch to the new Microsoft OLE DB Driver (MSOLEDBSQL) for SQL Server or the latest Microsoft ODBC Driver for SQL Server going forward.
The SQL Server Native Client (often abbreviated SNAC) has been removed from SQL Server 2022 (16.x) and SQL Server Management Studio 19 (SSMS). The SQL Server Native Client (SQLNCLI or SQLNCLI11) and the legacy Microsoft OLE DB Provider for SQL Server (SQLOLEDB) are not recommended for new application development. Switch to the new Microsoft OLE DB Driver (MSOLEDBSQL) for SQL Server or the latest Microsoft ODBC Driver for SQL Server going forward. For SQLNCLI that ships as a component of SQL Server Database Engine (versions 2012 through 2019).

Vulnerability details:
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability:
CVE-2023-32027, CVE-2023-32026, CVE-2023-32025 , CVE-2023-29356
Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
CVE-2023-29349

Office announcement: For details, please refer to link – https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29349

Preface: Each SharePoint site comes with default groups and permissions.There are several options when it comes to managing permissions in SharePoint.
But you should be aware somethings!

Background: Default Permissions in SharePoint. By default, all SharePoint sites are created with the three security groups below:
• Owners – Have full control over the site
• Members – Can add and edit the content (files, lists, etc) on the site
• Visitors – Can only read
What are the levels of SharePoint site? The default permission levels are Limited Access, Read, Contribute, Design, and Full Control.
SharePoint Server permission levels are defined at the site collection level and are inherited from the parent object by default.

Vulnerability details: CVE-2023-33142 – Microsoft SharePoint Server Elevation of Privilege Vulnerability.
Since Microsoft did not release the technical details. See whether this vulnerability (CVE-2023-33142) will have similarity with attached diagram description?

Official announcement: For details, please refer to the link – https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33142