ID

VAR-202210-0997

CVE

CVE-2022-40303

TITLE

Red Hat Security Advisory 2023-0795-01

DESCRIPTION

An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault. It is written in C language and can be called by many languages, such as C language, C++, XSH. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements. Description: Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud. For more information about Submariner, see the Submariner open source community website at: https://submariner.io/. Security fixes: * CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags Bugs addressed: * Build Submariner 0.13.3 (ACM-2226) * Verify Submariner with OCP 4.12 (ACM-2435) * Submariner does not support cluster "kube-proxy ipvs mode" (ACM-2821) 3. Bugs fixed (https://bugzilla.redhat.com/): 2134010 - CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 5. JIRA issues fixed (https://issues.jboss.org/): ACM-2226 - [ACM 2.6.4] Build Submariner 0.13.3 ACM-2435 - [ACM 2.6.4] Verify Submariner with OCP 4.12 ACM-2821 - [Submariner] - 0.13.3 - Submariner does not support cluster "kube-proxy ipvs mode" 6. JIRA issues fixed (https://issues.jboss.org/): LOG-3533 - tls.cert, tls.key and passphrase are not passed to the fluentd configuration when forwarding logs using syslog over TLS LOG-3534 - [release-5.5] [Administrator Console] Seeing "parse error" while using Severity filter for cluster view user 5. Description: Service Binding manages the data plane for applications and backing services. Bugs fixed (https://bugzilla.redhat.com/): 2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests 5. JIRA issues fixed (https://issues.jboss.org/): APPSVC-1204 - Provisioned Service discovery APPSVC-1256 - CVE-2022-41717 6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2 macOS Big Sur 11.7.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213534. BOM Available for: macOS Big Sur Impact: An app may bypass Gatekeeper checks Description: A logic issue was addressed with improved checks. CVE-2022-42821: Jonathan Bar Or of Microsoft DriverKit Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32942: Linus Henze of Pinauten GmbH (pinauten.de) IOHIDFamily Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling. CVE-2022-42864: Tommy Muir (@Muirey03) Kernel Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with additional validation. CVE-2022-46689: Ian Beer of Google Project Zero Kernel Available for: macOS Big Sur Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-42845: Adam Doupé of ASU SEFCOM Kernel Available for: macOS Big Sur Impact: A remote user may be able to cause kernel code execution Description: The issue was addressed with improved memory handling. CVE-2022-42842: pattern-f (@pattern_F_) of Ant Security Light-Year Lab libxml2 Available for: macOS Big Sur Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution Description: An integer overflow was addressed through improved input validation. CVE-2022-40303: Maddie Stone of Google Project Zero libxml2 Available for: macOS Big Sur Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-40304: Ned Williamson and Nathan Wachholz of Google Project Zero ppp Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-42840: an anonymous researcher xar Available for: macOS Big Sur Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: A type confusion issue was addressed with improved checks. CVE-2022-42841: Thijs Alkemade (@xnyhps) of Computest Sector 7 macOS Big Sur 11.7.2 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: libxml2 security update Advisory ID: RHSA-2023:0173-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0173 Issue date: 2023-01-16 CVE Names: CVE-2022-40303 CVE-2022-40304 ==================================================================== 1. Summary: An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: integer overflows with XML_PARSE_HUGE (CVE-2022-40303) * libxml2: dict corruption caused by entity reference cycles (CVE-2022-40304) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The desktop must be restarted (log out, then log back in) for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 2136266 - CVE-2022-40303 libxml2: integer overflows with XML_PARSE_HUGE 2136288 - CVE-2022-40304 libxml2: dict corruption caused by entity reference cycles 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): aarch64: libxml2-debuginfo-2.9.7-15.el8_7.1.aarch64.rpm libxml2-debugsource-2.9.7-15.el8_7.1.aarch64.rpm libxml2-devel-2.9.7-15.el8_7.1.aarch64.rpm python3-libxml2-debuginfo-2.9.7-15.el8_7.1.aarch64.rpm ppc64le: libxml2-debuginfo-2.9.7-15.el8_7.1.ppc64le.rpm libxml2-debugsource-2.9.7-15.el8_7.1.ppc64le.rpm libxml2-devel-2.9.7-15.el8_7.1.ppc64le.rpm python3-libxml2-debuginfo-2.9.7-15.el8_7.1.ppc64le.rpm s390x: libxml2-debuginfo-2.9.7-15.el8_7.1.s390x.rpm libxml2-debugsource-2.9.7-15.el8_7.1.s390x.rpm libxml2-devel-2.9.7-15.el8_7.1.s390x.rpm python3-libxml2-debuginfo-2.9.7-15.el8_7.1.s390x.rpm x86_64: libxml2-debuginfo-2.9.7-15.el8_7.1.i686.rpm libxml2-debuginfo-2.9.7-15.el8_7.1.x86_64.rpm libxml2-debugsource-2.9.7-15.el8_7.1.i686.rpm libxml2-debugsource-2.9.7-15.el8_7.1.x86_64.rpm libxml2-devel-2.9.7-15.el8_7.1.i686.rpm libxml2-devel-2.9.7-15.el8_7.1.x86_64.rpm python3-libxml2-debuginfo-2.9.7-15.el8_7.1.i686.rpm python3-libxml2-debuginfo-2.9.7-15.el8_7.1.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: libxml2-2.9.7-15.el8_7.1.src.rpm aarch64: libxml2-2.9.7-15.el8_7.1.aarch64.rpm libxml2-debuginfo-2.9.7-15.el8_7.1.aarch64.rpm libxml2-debugsource-2.9.7-15.el8_7.1.aarch64.rpm python3-libxml2-2.9.7-15.el8_7.1.aarch64.rpm python3-libxml2-debuginfo-2.9.7-15.el8_7.1.aarch64.rpm ppc64le: libxml2-2.9.7-15.el8_7.1.ppc64le.rpm libxml2-debuginfo-2.9.7-15.el8_7.1.ppc64le.rpm libxml2-debugsource-2.9.7-15.el8_7.1.ppc64le.rpm python3-libxml2-2.9.7-15.el8_7.1.ppc64le.rpm python3-libxml2-debuginfo-2.9.7-15.el8_7.1.ppc64le.rpm s390x: libxml2-2.9.7-15.el8_7.1.s390x.rpm libxml2-debuginfo-2.9.7-15.el8_7.1.s390x.rpm libxml2-debugsource-2.9.7-15.el8_7.1.s390x.rpm python3-libxml2-2.9.7-15.el8_7.1.s390x.rpm python3-libxml2-debuginfo-2.9.7-15.el8_7.1.s390x.rpm x86_64: libxml2-2.9.7-15.el8_7.1.i686.rpm libxml2-2.9.7-15.el8_7.1.x86_64.rpm libxml2-debuginfo-2.9.7-15.el8_7.1.i686.rpm libxml2-debuginfo-2.9.7-15.el8_7.1.x86_64.rpm libxml2-debugsource-2.9.7-15.el8_7.1.i686.rpm libxml2-debugsource-2.9.7-15.el8_7.1.x86_64.rpm python3-libxml2-2.9.7-15.el8_7.1.x86_64.rpm python3-libxml2-debuginfo-2.9.7-15.el8_7.1.i686.rpm python3-libxml2-debuginfo-2.9.7-15.el8_7.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-40303 https://access.redhat.com/security/cve/CVE-2022-40304 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY8UoQ9zjgjWX9erEAQgOHQ/+Ns7MY8MsoyU3wlWkuTW5mCenVYaSQa90 nHACMcvLgOKjM61s7FTXHnvV52TKj/+kZRToW2MCOTfuLsYnP0bZ+DFLkhDxoIGR wN6X2Mgh/vtBmdLGtW8bjclpJuYLoGrjfoigFOZgXbRrKBNYLZqLPNutHzcF1IB2 hxdTDn7W+RNjCiP8+l+cTGYx0A9e1rYkCEx5B8qKfJY11/ojBTvxMf2jVnkFM9gz ZwVCDtUyO7S7B5l6OqvH9qcR8dBOMw5KpaE4wGc+RF9iYI3t68xJlB2bj21Eb1oW I4OwkkOh9i96f2XtusnTZIdJWVEMHJ3ZjM8a40nB7OzV0zSRRml61CLvLur6YAdo nxQ3bstsq2+NhK/J0pHLUaVLQxeePgvHICJBIBXRV/bFHZw3qADo08FmvcVh4y9t HSyYP6ZdofwxeR6elSke2cM57RWIcDVB8+o6ESUN4q5QMp6xjmA+82tHLmbguwyb RMTW46jCZ3tZOo5+zIXBGlwvMZGv5PDzzgjwEboxBoWTGegBdPJkNNmezj9pZcyB 0l2Uh2LtC/uPbqBFzsPy94pyEd4VoRAY5/RBS+PgLCJm4o2qsaTN75jqHpSQXgw8 CfZT3+0XnYvsYHBt8jtiVUpHJpbfh9vNNjXzcLO/JKCv8NW3So1MfV2A+mT/mDmh nCQ8kAI62fw=pLiQ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . The following advisory data is extracted from: https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0413.json Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. Summary: OpenShift sandboxed containers 1.4.1 is now available. Description: OpenShift sandboxed containers support for OpenShift Container Platform provides users with built-in support for running Kata containers as an additional, optional runtime. This advisory contains a security update for OpenShift sandboxed containers, as well as bug fixes. Red Hat discovered that when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. (CVE-2023-3089) For more information about the additional fixes in this release, see the Release Notes documentation: https://access.redhat.com/documentation/en-us/openshift_sandboxed_containers/1.4/html-single/openshift_sandboxed_containers_release_notes/ 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 2212085 - CVE-2023-3089 openshift: OCP & FIPS mode 5. JIRA issues fixed (https://issues.redhat.com/): KATA-2121 - taints/tolerations from kata-monitor daemonset removed by reconciliation KATA-2212 - operator, must-gather, and cloud-api-adapter dockerfiles use ubi8 base images KATA-2299 - 1.4.1 build showing 1.4.0 version OCPBUGS-15175 - [Major Incident] CVE-2023-3089 osc-operator-container: openshift: OCP & FIPS mode [rhosc-1-4] 6

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

TYPE

overflow, code execution

EXPLOIT AVAILABILITY

EXTERNAL IDS

REFERENCES

CREDITS

Red Hat

SOURCES

LAST UPDATE DATE

2026-04-18T22:43:20.630000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE