Publication Date: 07/28/2023 3:30PM PDT AWS is aware of CVE-2023-20593, otherwise known as "Zenbleed", and can confirm this issue affected AMD “Zen 2”, also known as “Rome”, CPUs that power the C5a, C5ad, G4ad, and G5 instance families. Because of the design of the EC2 Nitro hypervisor, there is no risk of cross-instance data access. The updated microcode from AMD has been applied to all C5a, C5ad, G4ad, and G5 instances. No action is required from customers
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2023-004/
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that ...
More info:
https://my.f5.com/manage/s/article/K000135635?utm_source=f5support&utm_medium=RSS
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that ...
More info:
https://my.f5.com/manage/s/article/K000135636?utm_source=f5support&utm_medium=RSS
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Supported versions ...
More info:
https://my.f5.com/manage/s/article/K000135637?utm_source=f5support&utm_medium=RSS
Security Advisory Description An issue in “Zen 2†CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. (CVE-2023-20593 also ...
More info:
https://my.f5.com/manage/s/article/K000135632?utm_source=f5support&utm_medium=RSS
Security Advisory Description Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence.
More info:
https://my.f5.com/manage/s/article/K000135633?utm_source=f5support&utm_medium=RSS
An issue with the boot-time programming of access control lists (ACLs) for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow a device to boot without all of its ACLs being correctly installed. This issue is due to a logic error that occurs when ACLs are programmed at boot time. If ACLs are not in sequential order in the startup configuration, some access control entries (ACEs) may not be installed. Because ACLs govern network traffic to,
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-aclconfig-wVK52f3z?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Adaptive%20Security%20Appliance%20Software%20and%20Firepower%20Threat%20Defense%20Software%20ACLs%20Not%20Installed%20upon%20Reload&vs_k=1
An issue with the boot-time programming of access control lists (ACLs) for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow a device to boot without all of its ACLs being correctly installed. This issue is due to a logic error that occurs when ACLs are programmed at boot time. If object groups are not in sequential order in the startup configuration, some access control entries (ACEs) may not be installed. Because ACLs govern network
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-aclconfig-wVK52f3z?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Adaptive%20Security%20Appliance%20Software%20and%20Firepower%20Threat%20Defense%20Software%20ACLs%20Not%20Installed%20upon%20Reload&vs_k=1
Security Advisory Description Vulnerability in the Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: GraalVM Compiler). Supported versions that are ...
More info:
https://my.f5.com/manage/s/article/K000135625?utm_source=f5support&utm_medium=RSS
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.33 and prior. Easily ...
More info:
https://my.f5.com/manage/s/article/K000135627?utm_source=f5support&utm_medium=RSS
