proj: Linux
subj: [vs-plain] A double free vulnerability was found in the hci_conn_cleanup function of the Bluetooth subsystem
trep: Wed Mar 08 10:06:04 2023
tcrd: March 28 \\ 2023-03-28T10:05:42+00:00
cves: CVE-2023-28464
#lpub: https://groups.google.com/g/syzkaller-bugs/c/S3jXv1WxbOI/m/B5Gd5viFAgAJ
tpub: Thu Mar 09 07:49:39 2023
lpub: https://lore.kernel.org/lkml/20230309074645.74309-1-wzhmmmmm@gmail.com/
toss: Tue Mar 28 11:18:01 2023
soss: [oss-security] CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free
loss: https://www.openwall.com/lists/oss-security/2023/03/28/2

proj: Linux
subj: [vs-plain] Reporting a USB-accessible slab-out-of-bounds read in brcmfmac
trep: Thu Mar 09 11:24:15 2023
cves: CVE-2023-1380
tpub: Thu Mar 09 10:45:59 2023
lpub: https://lore.kernel.org/linux-wireless/20230309104457.22628-1-jisoo.jang@yonsei.ac.kr/
toss: Mon Mar 13 13:03:07 2023
soss: [oss-security] A USB-accessible slab-out-of-bounds read in Linux kernel driver
loss: https://www.openwall.com/lists/oss-security/2023/03/13/1

proj: Bluez, Intel wireless devices
subj: [vs-plain] Bluetooth Low Energy stuck in unresponsive state after repeated out of order transmission of packets
trep: Fri Mar 10 18:08:39 2023
toss: Thu Nov 02 22:55:03 2023
soss: [oss-security] Bluez, Intel wireless devices: Bluetooth Low Energy stuck in unresponsive state after repeated out of order transmission of packets
loss: https://www.openwall.com/lists/oss-security/2023/11/02/2

proj: curl
subj: [vs-plain] curl: CVE-2023-27533: TELNET option IAC injection (1/6)
trep: Mon Mar 13 11:26:18 2023
tcrd: March 20
cves: CVE-2023-27533
tpub: Fri Mar 10 16:43:00 2023
lpub: https://github.com/curl/curl/commit/538b1e79a6e7b
toss: Mon Mar 20 07:26:15 2023
soss: [oss-security] [SECURITY ADVISORY] curl: CVE-2023-27533: TELNET option IAC injection
loss: https://www.openwall.com/lists/oss-security/2023/03/20/1

proj: curl
subj: [vs-plain] curl: CVE-2023-27534: SFTP path ~ resolving discrepancy (2/6)
trep: Mon Mar 13 11:26:19 2023
tcrd: March 20
cves: CVE-2023-27534
tpub: Fri Mar 10 22:20:00 2023
lpub: https://github.com/curl/curl/commit/4e2b52b5f7a3bf50a
toss: Mon Mar 20 07:26:20 2023
soss: [oss-security] [SECURITY ADVISORY] curl: CVE-2023-27534: SFTP path ~ resolving discrepancy
loss: https://www.openwall.com/lists/oss-security/2023/03/20/2

proj: curl
subj: [vs-plain] curl: CVE-2023-27535: FTP too eager connection reuse (3/6)
trep: Mon Mar 13 11:27:21 2023
tcrd: March 20
cves: CVE-2023-27535
tpub: Mon Mar 13 08:07:00 2023
lpub: https://github.com/curl/curl/commit/8f4608468b890dc
toss: Mon Mar 20 07:26:22 2023
soss: [oss-security] [SECURITY ADVISORY] curl: CVE-2023-27535: FTP too eager connection reuse
loss: https://www.openwall.com/lists/oss-security/2023/03/20/3

proj: curl
subj: [vs-plain] curl: CVE-2023-27536: GSS delegation too eager connection re-use (4/6)
trep: Mon Mar 13 11:27:20 2023
tcrd: March 20
cves: CVE-2023-27536
tpub: Fri Mar 10 22:30:00 2023
lpub: https://github.com/curl/curl/commit/cb49e67303dba
toss: Mon Mar 20 07:26:26 2023
soss: [oss-security] [SECURITY ADVISORY] curl: CVE-2023-27536: GSS delegation too eager connection re-use
loss: https://www.openwall.com/lists/oss-security/2023/03/20/4

proj: curl
subj: [vs-plain] curl: CVE-2023-27537: HSTS double-free (5/6)
trep: Mon Mar 13 11:28:21 2023
tcrd: March 20
cves: CVE-2023-27537
tpub: Fri Mar 10 16:45:00 2023
lpub: https://github.com/curl/curl/commit/dca4cdf071be0
toss: Mon Mar 20 07:26:32 2023
soss: [oss-security] [SECURITY ADVISORY] curl: CVE-2023-27537: HSTS double-free
loss: https://www.openwall.com/lists/oss-security/2023/03/20/5

proj: curl
subj: [vs-plain] curl: CVE-2023-27538: SSH connection too eager reuse still (6/6)
trep: Mon Mar 13 11:28:23 2023
tcrd: March 20
cves: CVE-2023-27538
tpub: Fri Mar 10 16:54:00 2023
lpub: https://github.com/curl/curl/commit/af369db4d3833272b8ed
toss: Mon Mar 20 07:26:36 2023
soss: [oss-security] [SECURITY ADVISORY] curl: CVE-2023-27538: SSH connection too eager reuse still
loss: https://www.openwall.com/lists/oss-security/2023/03/20/6

proj: X.Org Server
subj: [vs-plain] Preview of X.Org Security Advisory for 2023-03-29
trep: Mon Mar 20 08:03:14 2023
tcrd: 2023-03-29 at 12:00 UTC
cves: CVE-2023-1393, ZDI-CAN-19866
tpub: Wed Mar 29 12:15:05 2023
lpub: https://lists.x.org/archives/xorg-announce/2023-March/003374.html
toss: Wed Mar 29 12:36:06 2023
soss: [oss-security] Fwd: X.Org Security Advisory: CVE-2023-1393: X.Org Server Overlay Window Use-After-Free
loss: https://www.openwall.com/lists/oss-security/2023/03/29/1

proj: Open vSwitch
subj: [vs-plain] [ADVISORY] CVE-2023-1668: Open vSwitch: Remote traffic denial of service via crafted packets with IP proto 0
trep: Fri Mar 31 23:06:33 2023
tcrd: 06-Apr-2023
cves: CVE-2023-1668
toss: Thu Apr 06 19:18:23 2023
soss: [oss-security] [ADVISORY] CVE-2023-1668: Open vSwitch: Remote traffic denial of service via crafted packets with IP proto 0
loss: https://www.openwall.com/lists/oss-security/2023/04/06/1